Transparent hijacking of SMTP submission...
Jay Ashworth
jra at baylink.com
Fri Nov 28 02:54:54 UTC 2014
----- Original Message -----
> From: "William Herrin" <bill at herrin.us>
> I'm not sure I follow your complaint here. Are you saying that Comcast
> or a
> Comcast customer in Washington state stripped the STARTTLS verb from
> the
> IPv4 port 587 SMTP submission connection between you and a third
> party?
And, of course, *just* as I hit send, I remembered it was in RISKS, linking
to EFF:
https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks
Note that's dated 11 November, so this is a couple weeks old now.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII
St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
More information about the NANOG
mailing list