Re: TLS for all CentOS websites but not for smtp?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 08/19/2015 06:56 AM, Kai Bojens wrote:
Hello everybody,
I just got the email about the enforcing of HTTPS for the CentOS Websites
which I really appreciate:

„The CentOS Project infra team has decided to implement TLS wherever we
  can (…)”

Does anybody know if and when mail.centos.org will be able to deliver its
mails with STARTTLS? There seems to be no support for STARTTLS at all:

$: openssl s_client -connect mail.centos.org:25 -starttls smtp
  (…)
  didn't found starttls in server response, try anyway...

e-mail by its very design is not secure, SMTP creates "Man In The Middle" at every server along the way.

Signed messages are the only way to know they haven't been modified in transit between sender and recipient.

DKIM does that if you trust it won't be modified on your server before it is applied, but even that doesn't work with mail lists because mail lists do modify the message.

I'm not saying they shouldn't implement TLS on the list server, just not sure what the privacy or security benefit really would be.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux