-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 19/08/15 15:56, Kai Bojens wrote: > Hello everybody, I just got the email about the enforcing of HTTPS > for the CentOS Websites which I really appreciate: > > „The CentOS Project infra team has decided to implement TLS > wherever we can (…)” > > Does anybody know if and when mail.centos.org will be able to > deliver its mails with STARTTLS? There seems to be no support for > STARTTLS at all: > > $: openssl s_client -connect mail.centos.org:25 -starttls smtp (…) > didn't found starttls in server response, try anyway... Thanks for the comment. As said, we were targeting first the websites, but we can also investigate what would be needed and the possible impacts of implementing that for SMTP traffic. But, as other people said it too, it depends on what you want to secure/encrypt, and gnupg can also be used for that, despite the smtp server[s] included in the chain. My (personal) opinion is "if you want to secure/encrypt", use gpg. Adding TLS on top of smtp for the transport itself can be a good idea. Let me just start a thread with the other guys and see what we can come with. That will not be priority #1 though, as we're also working on other things, like using FAS for central auth for resources like cbs.centos.org and git.centos.org. Kind Regards, - -- Fabian Arrotin The CentOS Project | http://www.centos.org gpg key: 56BEC54E | twitter: @arrfab -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlXU2icACgkQnVkHo1a+xU4jMwCfW2gfE8o6ALEqzcTXSBq5+jx0 P4YAn2vl/qlxOieW6oYRO2kXZijrsZmL =Tgek -----END PGP SIGNATURE-----