On 08/19/2015 06:56 AM, Kai Bojens wrote: > Hello everybody, > I just got the email about the enforcing of HTTPS for the CentOS Websites > which I really appreciate: > > „The CentOS Project infra team has decided to implement TLS wherever we > can (…)” > > Does anybody know if and when mail.centos.org will be able to deliver its > mails with STARTTLS? There seems to be no support for STARTTLS at all: > > $: openssl s_client -connect mail.centos.org:25 -starttls smtp > (…) > didn't found starttls in server response, try anyway... e-mail by its very design is not secure, SMTP creates "Man In The Middle" at every server along the way. Signed messages are the only way to know they haven't been modified in transit between sender and recipient. DKIM does that if you trust it won't be modified on your server before it is applied, but even that doesn't work with mail lists because mail lists do modify the message. I'm not saying they shouldn't implement TLS on the list server, just not sure what the privacy or security benefit really would be.