Transparent hijacking of SMTP submission...

Jay Ashworth jra at baylink.com
Fri Nov 28 02:54:54 UTC 2014


----- Original Message -----
> From: "William Herrin" <bill at herrin.us>

> I'm not sure I follow your complaint here. Are you saying that Comcast
> or a
> Comcast customer in Washington state stripped the STARTTLS verb from
> the
> IPv4 port 587 SMTP submission connection between you and a third
> party?

And, of course, *just* as I hit send, I remembered it was in RISKS, linking
to EFF:

  https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks

Note that's dated 11 November, so this is a couple weeks old now.

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates       http://www.bcp38.info          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274


More information about the NANOG mailing list