[67581] in North American Network Operators' Group
Re: SMTP authentication for broadband providers
daemon@ATHENA.MIT.EDU (Alex Bligh)
Fri Feb 13 04:47:45 2004
Date: Fri, 13 Feb 2004 09:46:59 +0000
From: Alex Bligh <alex@alex.org.uk>
Reply-To: Alex Bligh <alex@alex.org.uk>
To: Valdis.Kletnieks@vt.edu
Cc: Lou Katz <lou@metron.com>, nanog@merit.edu,
Alex Bligh <alex@alex.org.uk>
In-Reply-To: <200402122313.i1CNDd92020338@turing-police.cc.vt.edu>
Errors-To: owner-nanog-outgoing@merit.edu
--On 12 February 2004 18:13 -0500 Valdis.Kletnieks@vt.edu wrote:
>> Since when was anything sent over port 25 confidential?
>
> Since Phil Zimmerman decided to do something about it.
Well if you are considering the plain-text of an encrypted mail,
it doesn't much matter whether port 25 is intercepted by whatever
governmental agency, or relayed through however many servers with
questionable operators.
> And quite frankly, he was right - that's the only way to do it right.
Oh I agree. My point to the original poster was that supposed security
of port 25 communications was not a good reason to avoid using
relays on the way. If you want security of you communications
a good first step is PGP (et al.). (Note that this does still leak
To:/From:/Subject: lines, but they be read via wire-tap just as they
can be read via intercept at a relay).
Alex
