View Single Post
Old 16 Sep 2018, 11:51 PM   #2
The "e" in e-mail
Join Date: May 2003
Location: mostly in Thailand
Posts: 2,737
The real solution to the man-in-the-middle attacks that allow downgrading of the security in message transfers is improved security around DNS. As I understand it, there are no known ways to intercept SMTP traffic via downgrade attacks when DNSSEC is properly implemented. The EFF STARTTLS policy list, which may or may not make a difference depending on whether the correspondent mail service references it, is an inelegant hack.
BritTim is offline   Reply With Quote