Date: Mon, 02 Mar 2015 20:15:04 -0500
To: tor-talk@lists.torproject.org
From: "l.m" <ter.one.leeboi@hush.com>
Subject: Re: [tor-talk] Fixing the problem of sending email from Tor: Proof
	of Work based system


malte@wk3.org wrote:
> This could be mitigated by configuring 
> the mailserver to require TLS, couldn't it?

Hi Malte,

It's certainly the case that you can enforce TLS. But which one? SMTPS
(TLS Wrapper) depends on the client enforcing and maintaining TLS on
port 465 using client-talks-first. It ensures (if properly implemented
and enforced) TLS gets used before any communication with the server.
It's also legacy and poorly supported, a footnote in the SMTP
migration to TLS. ESMTPS (STARTTLS) has the server enforce TLS on port
587 after an initial unencrypted EHLO command and is
server-talks-first. The client then has to validate the certificate
provided from some cert-store before initiating data
transfer. Both require TLS but SMTPS is non-standard.
--leeroy
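
The two modes described in the message above, as an added example that is not part of the original post: a client that opens either an implicit-TLS session (port 465 style) or a STARTTLS session (port 587 style), validates the certificate against the system store, and refuses to continue in plaintext. The function names, the `client.invalid` hostname and the local test server are constructed for illustration.

```python
import smtplib
import socket
import ssl
import threading


def strict_context():
    # Default context: chain checked against the system trust store,
    # hostname checked against the certificate.
    return ssl.create_default_context()


def open_submission(host, port, implicit_tls, timeout=5):
    """Return an SMTP session inside verified TLS, or raise. Never falls back."""
    ctx = strict_context()
    if implicit_tls:
        # Port 465 style: TLS handshake before any SMTP byte is exchanged.
        return smtplib.SMTP_SSL(host, port, local_hostname="client.invalid",
                                timeout=timeout, context=ctx)
    # Port 587 style: plaintext greeting and EHLO, then upgrade.
    conn = smtplib.SMTP(host, port, local_hostname="client.invalid", timeout=timeout)
    try:
        conn.ehlo()
        if not conn.has_extn("starttls"):
            raise smtplib.SMTPNotSupportedError("no STARTTLS offered; refusing plaintext")
        conn.starttls(context=ctx)  # raises ssl.SSLError on a bad certificate
        conn.ehlo()                 # capabilities seen before TLS are untrusted
        return conn
    except Exception:
        conn.close()
        raise


def fake_plaintext_server():
    """Constructed local server whose EHLO reply lacks STARTTLS. Returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        c, _ = srv.accept()
        c.sendall(b"220 test.invalid ESMTP\r\n")
        c.recv(1024)                                   # client EHLO
        c.sendall(b"250-test.invalid\r\n250 SIZE 1000\r\n")
        c.recv(1024)                                   # returns when client closes
        c.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port
```

Calling `open_submission("127.0.0.1", fake_plaintext_server(), implicit_tls=False)` raises instead of sending anything further over the unencrypted connection.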

