If I read this correctly, starttls will fail due to the MITM attack. That is the
client knows security has been compromised. Using SSL/TLS, the MITM can use SSL
stripping. Since most Postfix confs use "may" for security, the message
would go through unencrypted. Correct???
Is there something to enable for perfect forward security with starttls?
-------- Original Message --------
From: s.arcus at open-t.co.uk
Sent: August 21, 2017 3:07 PM
To: dovecot at dovecot.org
Reply-to: dovecot at dovecot.org
Subject: Re: pop 110/995, imap 143/993 ?
On 21/08/17 22:18, Joseph Tam wrote:
> Lest anyone think STARTTLS MITM doesn't happen,
>
> https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/
>
> Not only for security, I prefer port 993/995 as it's just plain simpler
> to initiate SSL from the get-go rather than to do some handshaking that
> gets you to the same point.
Frankly, after reading the above link and some more info on the internet
on the subject, I am now wondering why we bother at all with STARTTLS
for imap, pop3 and even smtp (and by the way, port 465 for SMTP +
SSL/TLS *is* indeed deprecated officially)? It would appear that
STARTTLS is significantly more vulnerable to MITM attacks than plain
SSL/TLS for all the above protocols. Is the slight extra convenience of
opportunistic encryption really worth the substantial loss in security?
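For the Postfix side of the two questions raised at the top of this thread (what "may" does when STARTTLS is stripped, and how to get forward secrecy with STARTTLS), here is an added main.cf fragment written for this reply; it is not from any of the posters and not Postfix's shipped defaults. Certificate paths, the policy table path and the hostnames are placeholders.

```ini
# Added illustration for this thread, not a posted config. Paths and
# hostnames are placeholders; adapt them before use.

# Inbound: offer STARTTLS to every client but do not require it. Many remote
# MTAs still cannot do TLS, and the alternative to "may" here is refusing
# their mail outright.
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/cert.pem
smtpd_tls_key_file  = /etc/postfix/key.pem

# Forward secrecy on the inbound side: ECDHE key exchange ("auto" on Postfix
# 3.2+, "strong" on older releases) and server-side cipher ordering so that
# ECDHE/DHE suites are preferred over static RSA key exchange.
smtpd_tls_eecdh_grade = auto
tls_preempt_cipherlist = yes
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3

# Outbound: "may" is opportunistic. If a middlebox removes the STARTTLS
# keyword from the remote EHLO reply, Postfix simply sees a server without
# TLS and delivers in cleartext with no error. This is the case discussed
# in the thread. "may" stays the global default here so that mail to
# TLS-less sites is not deferred...
smtp_tls_security_level = may

# ...but destinations you control or have a TLS agreement with are forced to
# "encrypt" via a policy table. With "encrypt", a stripped STARTTLS offer
# means the mail is deferred and logged rather than sent in the clear.
# Contents of /etc/postfix/tls_policy (run "postmap" on it afterwards):
#   partner.example.com     encrypt
#   .example.net            encrypt
# "dane" is also possible per destination, but needs a DNSSEC-validating
# resolver and smtp_dns_support_level = dnssec.
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy

# Visibility: log remote servers that offered STARTTLS but did not get TLS,
# and a one-line handshake summary (protocol, cipher) per connection, so a
# stripped offer or a non-ECDHE cipher is visible in the mail log.
smtp_tls_note_starttls_offer = yes
smtp_tls_loglevel = 1
smtpd_tls_loglevel = 1
```

Check the result with `postconf -n` and by watching the "TLS connection established" lines in the mail log: a cipher name beginning with ECDHE or DHE indicates forward secrecy for that session.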