
LinuxFest Northwest 2019: We can fix email server encryption!

Presented by Sydney Li

For years the SMTP protocol that email servers use to deliver your mail over the Internet has had an encryption option, called STARTTLS. This server-to-server encryption feature has only recently become common, and the way it’s typically used is still very fragile. An attacker can trick servers into turning off the encryption (downgrade) or using the wrong encryption key (man-in-the-middle). This talk will be centered on a demo of the problems and work we and others have been doing to fix them.

First, I’ll break the encrypted connection between two demo mailservers, showing that we can intercept or modify emails even when server admins think they’ve turned on encrypted email delivery. Then, I’ll talk about why this is possible and the different solutions the ecosystem is working towards to solve the problem, including DANE, MTA-STS, and how our STARTTLS Everywhere project fits in. Finally, I’m going to fortify the TLS support on some Postfix mailservers, with brand-new tooling released in the past year.
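The two failure modes named in the abstract can be seen in a small model of a sending server's decision after EHLO. This is an added example, not code from the talk or from the STARTTLS Everywhere project; the policy labels `opportunistic` and `enforce`, the function names and the sample EHLO replies are assumptions constructed for illustration.

```python
# Added illustration: how a sending MTA's TLS policy decides the outcome when
# the STARTTLS capability is missing or the peer certificate does not validate.
# Policy labels and sample replies are constructed, not taken from the talk.

def ehlo_extensions(reply_lines):
    """Parse a multi-line 250 EHLO reply (RFC 5321) into a set of keywords."""
    exts = set()
    for i, line in enumerate(reply_lines):
        if len(line) < 4 or line[:3] != "250" or line[3] not in "- ":
            raise ValueError(f"unexpected EHLO reply line: {line!r}")
        if i == 0:
            continue  # first line carries the server's domain, not an extension
        text = line[4:].strip()
        if text:
            exts.add(text.split()[0].upper())
    return exts

def delivery_decision(reply_lines, cert_valid, policy):
    """Return 'tls', 'plaintext' or 'defer' for one delivery attempt.

    cert_valid: True/False result of validating the peer certificate for the
                MX host, or None when no TLS handshake can happen.
    policy:     'opportunistic' (use TLS if offered, accept any certificate) or
                'enforce' (require STARTTLS and a valid certificate).
    """
    if policy not in ("opportunistic", "enforce"):
        raise ValueError(f"unknown policy: {policy!r}")
    offered = "STARTTLS" in ehlo_extensions(reply_lines)
    if policy == "opportunistic":
        # Fragile: a missing capability silently means cleartext delivery,
        # and an unvalidated certificate means encrypting to whoever answered.
        return "tls" if offered else "plaintext"
    if not offered or not cert_valid:
        return "defer"  # keep the message queued instead of downgrading
    return "tls"

# Constructed EHLO replies: one intact, one with the STARTTLS line missing.
INTACT = ["250-mx.example.net", "250-PIPELINING", "250-STARTTLS", "250 8BITMIME"]
STRIPPED = ["250-mx.example.net", "250-PIPELINING", "250 8BITMIME"]

if __name__ == "__main__":
    for name, reply, cert in (("intact", INTACT, True),
                              ("stripped", STRIPPED, None),
                              ("wrong key", INTACT, False)):
        for policy in ("opportunistic", "enforce"):
            print(f"{name:10} {policy:14} -> {delivery_decision(reply, cert, policy)}")
```

Under the enforcing policy both the missing capability and the failed certificate check leave the message queued, which is the behaviour DANE and MTA-STS give a sender a trustworthy basis for.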

Source: linuxfestnorthwest
