From nobody Sun Nov 24 21:05:01 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XxLvT0gcPz5dgw9 for ; Sun, 24 Nov 2024 21:05:09 +0000 (UTC) (envelope-from panos.manganaris@gmail.com) Received: from mail-qv1-xf2e.google.com (mail-qv1-xf2e.google.com [IPv6:2607:f8b0:4864:20::f2e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XxLvS3KG2z4hV5 for ; Sun, 24 Nov 2024 21:05:08 +0000 (UTC) (envelope-from panos.manganaris@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b=AnZsXLHw; spf=pass (mx1.freebsd.org: domain of panos.manganaris@gmail.com designates 2607:f8b0:4864:20::f2e as permitted sender) smtp.mailfrom=panos.manganaris@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-qv1-xf2e.google.com with SMTP id 6a1803df08f44-6d40bdbb59dso29841986d6.3 for ; Sun, 24 Nov 2024 13:05:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732482307; x=1733087107; darn=freebsd.org; h=mime-version:message-id:date:references:in-reply-to:subject:to:from :from:to:cc:subject:date:message-id:reply-to; bh=aDcNI9w+uUAJgIjTBc3D1Qns3crS70KVf4eoSwiVT6g=; b=AnZsXLHwTg94jltF1Jb+89dgn7PsTmW27MJZ8tz0oe1xQ1vgHfQyJHbIK8Pdo7mc9b ZP6d6TNZuJ4eFAana2x5KOeQBNmJQg5SoKpIYzxIB2PYpHun7nhk2RkCXEa4fAoLckIr GYUtsoMi34VclJm3y1LKkeu2EKYBt8+9Y/Ct+XR6RNOmPGHbASf28piEK58xEBmX65jF 4LYDhMyZvof8vF78gCGedFTHEgexHYcjuxOaK69pclb6LAQOIU9ddhYmvrFXiAW4l0AK d4KIYxN57kji6nR5Fi3C7Z5CoobMkIyxU1+hWacwzSpRYmh52HK7C19lFj1+yGLJY/Nr Ttkg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732482307; x=1733087107; h=mime-version:message-id:date:references:in-reply-to:subject:to:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=aDcNI9w+uUAJgIjTBc3D1Qns3crS70KVf4eoSwiVT6g=; b=ogJlbxPI4R5+eutghm4ku1XrPleaF2VYZ3TJHyJgCtZOAzCOzKO+jRD19CtjQDUikh ZY8WBrgc8E7lABVuWPZiyTnnll4jxo2hU+GqZbJGNUuYwgXre0YaTi1XudcQIq/UFz5b WvPrODCM1H4ptryRTuHKqa60R+pMZT/F/x2q11LpcH6vWqoOvKEp665zEWKs4Qw8f24Y RN+RdosQlpZ2qn25LI2HAIzrDFBg3i0aCMKF9eD6Fr9rPGAbhiPzQTOgvdNackthzJeX E65AvQ0x21zr5+ttxj5ZfV/7LFmVwW5IPfZORypMZpvgeq+n8J1UsriRiWIN+RmysZfT W0CQ== X-Forwarded-Encrypted: i=1; AJvYcCW5jepbTeu01GOkG0915w2Q9xQDDcSkyPw/RwfWkme9CJsli+oPGbzrIfjr5IYVsxurDvkr24wwsLzVoqJGb4rCyQ==@freebsd.org X-Gm-Message-State: AOJu0YxNcV1ijGtn0FcqktgQc39lwSboD1ozYCG/jIgTLHhp7Bgc76XH TRmiRv2hnCNzxenGGPECIMRdNNAPVjFiU+x88T0NZxY4380M6A4v X-Gm-Gg: ASbGnctC6F7xHgd9DXeiA4ALe1HV/hfkePJtdLuesz3zWztmPp+OP0bxg6WzO5N6WbU 2ZjRKgrosxY/Fm/fLQP0bIekFAzF3gcTozB90PtBD8ZXSm5jM9RVznI0a1m4LffgQr+cYUs3Jjc 1miBGo8/Cvw5aIR3uzBi4YzSuGQkotavFTcYOxmJu8HaC5W3RLl9SADxQRT8zMeauN5n7eH6gw8 knCXuxDLeg6CBxRcxsvzhvTeHJiaX+iAUJ7oxCQX1NTcCZZ2r2EM/Dz5fSZ X-Google-Smtp-Source: AGHT+IGg6HV19Kyn2kmXVU4rlpSw5x+pk0l3iKLbrF77bCeTba3cLBjBJFaL9S0CVa/qjvbp/cL2RQ== X-Received: by 2002:ad4:5f0f:0:b0:6d4:19d2:2089 with SMTP id 6a1803df08f44-6d45138d320mr160528736d6.32.1732482307466; Sun, 24 Nov 2024 13:05:07 -0800 (PST) Received: from localhost ([2600:2b00:8e32:4200:7f1f:1dd0:692a:ca60]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7b66a34f94csm61038785a.34.2024.11.24.13.05.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 24 Nov 2024 13:05:07 -0800 (PST) From: Panayotis Manganaris To: Paul Eskello , freebsd-questions@freebsd.org Subject: Re: dragonfly mail agent (dma) no tls by default In-Reply-To: References: Date: Sun, 24 Nov 2024 16:05:01 -0500 Message-ID: <875xocz6ki.fsf@ASCALON.mail-host-address-is-not-set> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-questions@freebsd.org Sender: owner-freebsd-questions@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain X-Spamd-Result: default: False [-3.84 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-0.999]; NEURAL_HAM_SHORT(-0.84)[-0.840]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; TO_DN_SOME(0.00)[]; FREEMAIL_TO(0.00)[gmail.com,freebsd.org]; FREEMAIL_ENVFROM(0.00)[gmail.com]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_TRACE(0.00)[0:+]; TAGGED_FROM(0.00)[]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; TO_MATCH_ENVRCPT_SOME(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; TAGGED_RCPT(0.00)[]; MISSING_XM_UA(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::f2e:from] X-Rspamd-Queue-Id: 4XxLvS3KG2z4hV5 X-Spamd-Bar: --- Paul Eskello writes: > why is tls (yeah well, starttls) disabled by default? I reckon this is because the relevant configuration is not entirely standardized. Many servers offer IMAP+STARTTLS i.e. STARTTLS over IMAP port 143 instead of the traditional IMAP over SSL/TLS (IMAPS) on port 993. > Isn't that too conservative in soon-to-be 2025? Regardless of date, an engineer should be as conservative as needed to uphold the principle of least surprise. Sometimes that means admins must assign ports as needed.