Mercurial > docs > diploma
comparison thesis/tex/4-MasqmailsFuture.tex @ 366:80b2e476c2e3
a lot of cleanup
| author | meillo@marmaro.de |
|---|---|
| date | Fri, 30 Jan 2009 21:20:00 +0100 |
| parents | f26d63dbb22b |
| children | d51894e48762 |
comparison
equal
deleted
inserted
replaced
| 365:ba9463b43709 | 366:80b2e476c2e3 |
|---|---|
| 139 \end{center} | 139 \end{center} |
| 140 \caption{Using \name{stunnel} for incoming connections} | 140 \caption{Using \name{stunnel} for incoming connections} |
| 141 \label{fig:stunnel} | 141 \label{fig:stunnel} |
| 142 \end{figure} | 142 \end{figure} |
| 143 | 143 |
| 144 To provide encrypted incoming channels, the \MTA\ could implement encryption and listen on a port that is dedicated to encrypted \SMTP\ (\NAME{SMTPS}). This approach would be possible, but it is deprecated in favor for \NAME{STARTTLS}. \RFC3207 ``\SMTP\ Service Extension for Secure \SMTP\ over Transport Layer Security'' shows this by not mentioning \NAME{SMTPS} on port 465. Also port 465 is not even reserved for \NAME{SMTPS} anymore \citeweb{iana:port-numbers}. | 144 To provide encrypted incoming channels, the \MTA\ could implement encryption and listen on a port that is dedicated to encrypted \SMTP\ (\NAME{SMTPS}). This approach would be possible, but it is deprecated in favor for \NAME{STARTTLS}. \RFC\,3207 ``\SMTP\ Service Extension for Secure \SMTP\ over Transport Layer Security'' shows this by not mentioning \NAME{SMTPS} on port 465. Also port 465 is not even reserved for \NAME{SMTPS} anymore \citeweb{iana:port-numbers}. |
| 145 | 145 |
| 146 \NAME{STARTTLS}---defined in \RFC2487---is what \RFC3207 recommends to use for secure \SMTP. The connection then goes over port 25 (or the submission port 587), but gets encrypted as the \NAME{STARTTLS} keyword is issued. Email depends on compatibility---only encryption methods that client and server support can be used. Hence it is best to act after the recommendations of the \RFC\ documents. This means \NAME{STARTTLS} encryption should be supported for incoming and for outgoing connections. | 146 \NAME{STARTTLS}---defined in \RFC\,2487---is what \RFC\,3207 recommends to use for secure \SMTP. The connection then goes over port 25 (or the submission port 587), but gets encrypted as the \NAME{STARTTLS} keyword is issued. Email depends on compatibility---only encryption methods that client and server support can be used. Hence it is best to act after the recommendations of the \RFC\ documents. This means \NAME{STARTTLS} encryption should be supported for incoming and for outgoing connections. |
| 147 | 147 |
| 148 | 148 |
| 149 | 149 |
| 150 \paragraph{\RF8: Spam handling} | 150 \paragraph{\RF8: Spam handling} |
| 151 \label{rf8} | 151 \label{rf8} |