[Freedombox-discuss] DNS std for Freedomboxes? [was Re: Establishing Communication between Freedomboxes]

Sandy Harris sandyinchina at gmail.com
Wed Aug 3 03:37:58 UTC 2011


On Wed, Jul 20, 2011 at 2:53 AM, Tony Godshall <togo at of.net> wrote:

> Any downside to letting your adversary know what domains you are
> emailing to?  Well, the mice probably don't want the octopus to know that
> they are emailing via @octopusnotsogreat.org?  But then again SMTP
> itself is not encrypted either...

There is an opportunistic SSL-based encryption option for SMTP.
http://tools.ietf.org/html/rfc3207

Any two servers with that set up will automatically encrypt all mail
transfers. If the Box runs a mail server, I'd say enabling that is a
no-brainer.

The only question is whether, when the other server does not support
it, the Box should proceed with unencrypted transfer, or bounce the
mail back to the user with some "cannot send securely" message,
or try some alternate routing method.

There's also "Using TLS with IMAP, POP3 and ACAP"
http://tools.ietf.org/html/rfc2595

That covers the client-to-server transfer of mail. If the Box runs a
mail server, that's another obvious requirement.
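
The delivery decision raised above (send unencrypted, bounce, or try an alternate route when the peer does not offer STARTTLS), as an added Python example that is not part of the original message. The policy names, action strings, host names and sample EHLO replies are constructed for illustration.

```python
from enum import Enum


class Policy(Enum):
    # Hypothetical policy names for the three options in the message.
    OPPORTUNISTIC = "opportunistic"  # proceed with unencrypted transfer
    REQUIRE_TLS = "require_tls"      # bounce with "cannot send securely"
    REROUTE = "reroute"              # try an alternate routing method


def ehlo_extensions(reply):
    """Parse a multi-line EHLO reply ("250-..." then "250 ...") into keywords."""
    lines = reply.strip().splitlines()
    exts = set()
    for i, line in enumerate(lines):
        if len(line) < 4 or line[:3] != "250" or line[3] not in "- ":
            raise ValueError("malformed EHLO reply line: %r" % line)
        if i == 0:
            continue  # first line carries the server's domain/greeting
        text = line[4:].strip()
        if text:
            exts.add(text.split()[0].upper())
    return exts


def delivery_action(reply, policy, alternate_routes=()):
    """Decide what to do with one outbound message for one peer."""
    if "STARTTLS" in ehlo_extensions(reply):
        return "starttls"  # RFC 3207: upgrade the session before MAIL FROM
    if policy is Policy.OPPORTUNISTIC:
        return "send_cleartext"
    if policy is Policy.REROUTE and alternate_routes:
        return "reroute:" + alternate_routes[0]
    # REQUIRE_TLS, or REROUTE with nothing left to try
    return "bounce:cannot send securely"


# Constructed sample EHLO replies (not captured from real servers).
WITH_TLS = "250-mx.example.org\r\n250-SIZE 35882577\r\n250-STARTTLS\r\n250 8BITMIME"
WITHOUT_TLS = "250-mx.example.net\r\n250-SIZE 10240000\r\n250 8BITMIME"

if __name__ == "__main__":
    for name, reply in (("with", WITH_TLS), ("without", WITHOUT_TLS)):
        for policy in Policy:
            print(name, policy.value,
                  delivery_action(reply, policy, ["relay.example.org"]))
```

Because the EHLO reply is read before any encryption is in place, the opportunistic policy treats a peer whose STARTTLS line was removed in transit the same as one that never offered it; only the bounce and reroute policies avoid cleartext in that case.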
