[CentOS] TLS for all CentOS websites but not for smtp?
Kai Bojens
kb at kbojens.de
Wed Aug 19 16:24:13 UTC 2015
On 19-08-15 08:30:27, Alice Wonder wrote:
> e-mail by its very design is not secure, SMTP creates "Man In The
> Middle" at every server along the way.
DANE exists and mail servers like postfix support this. My logfiles
show me that mail.centos.org delivers straight to me without any
servers along the way.
> I'm not saying they shouldn't implement TLS on the list server, just
> not sure what the privacy or security benefit really would be.
Encryption ensures that third parties simply cannot follow their "collect
all" strategy.
More information about the CentOS
mailing list