Page 1 of 1
SSL support with email (ESMTP)
Posted: 21 Dec 2006, 21:14
by Z
Many ESMTP services now support Encrypted email.
Received: from
[email protected]
(
[email protected] [nnn.nnn.nnn.nnn])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by xxx.xxx.xxx (Postfix) with ESMTP id 37E8733C008
for <
[email protected]>; Thu, 21 Dec 2006 22:08:00 +0200 (GMT+2)
How about adding ESMTP support with SSL support to Trashmail? At least it would prevent most of traditional internet eavesdropping.
Re: SSL support with email (ESMTP)
Posted: 24 Dec 2006, 02:34
by Admin
Z wrote:Many ESMTP services now support Encrypted email.
Received: from
[email protected]
(
[email protected] [nnn.nnn.nnn.nnn])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by xxx.xxx.xxx (Postfix) with ESMTP id 37E8733C008
for <
[email protected]>; Thu, 21 Dec 2006 22:08:00 +0200 (GMT+2)
How about adding ESMTP support with SSL support to Trashmail? At least it would prevent most of traditional internet eavesdropping.
I will try to implement this, but first I will do the whitelisting function that I need urgently to use also for myself!!
Re: SSL support with email (ESMTP)
Posted: 29 Nov 2007, 13:20
by Admin
Admin wrote:Z wrote:Many ESMTP services now support Encrypted email.
Received: from
[email protected]
(
[email protected] [nnn.nnn.nnn.nnn])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by xxx.xxx.xxx (Postfix) with ESMTP id 37E8733C008
for <
[email protected]>; Thu, 21 Dec 2006 22:08:00 +0200 (GMT+2)
How about adding ESMTP support with SSL support to Trashmail? At least it would prevent most of traditional internet eavesdropping.
I will try to implement this, but first I will do the whitelisting function that I need urgently to use also for myself!!
Its now implemented. The only bad thing is that the certificate is not recognized by any known CA.
But simple eavesdropping is only possible with man-in-the middle attack with 2 possibilities (protocol hacking and private/public key exchange proxying).