SMTP REQUIRETLS support #123

Closed
foxcpp opened this issue Aug 28, 2019 · 1 comment
foxcpp commented Aug 28, 2019

Abstract (copied from specification)

The SMTP STARTTLS option, used in negotiating transport-level
encryption of SMTP connections, is not as useful from a security
standpoint as it might be because of its opportunistic nature;
message delivery is, by default, prioritized over security. This
document describes an SMTP service extension, REQUIRETLS, and message
header field, TLS-Required. If the REQUIRETLS option or TLS-Required
message header field is used when sending a message, it asserts a
request on the part of the message sender to override the default
negotiation of TLS, either by requiring that TLS be negotiated when
the message is relayed, or by requesting that recipient-side policy
mechanisms such as MTA-STS and DANE be ignored when relaying a
message for which security is unimportant.

Specification

IETF I-D: https://tools.ietf.org/html/draft-ietf-uta-smtp-require-tls-09
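
The per-message decision the abstract describes, as an added Go example that is not part of the original issue or the project's code. The `Policy` type and `Decide` function are hypothetical names; the example assumes the specification's rules that REQUIRETLS is only valid inside a TLS session, that it takes precedence over the header field, and that the header field's value is `No`.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"io"
	"net/textproto"
	"strings"
)

// Policy is a hypothetical name for the per-message relay decision.
type Policy string

const (
	Opportunistic Policy = "opportunistic" // default STARTTLS behaviour
	Required      Policy = "tls-required"  // REQUIRETLS given on MAIL FROM
	Optional      Policy = "tls-optional"  // "TLS-Required: No" header present
)

// Decide derives the relay policy from the MAIL FROM ESMTP parameters,
// the TLS state of the inbound session, and the raw message header.
func Decide(params []string, sessionTLS bool, rawHeader string) (Policy, error) {
	for _, p := range params {
		if strings.EqualFold(p, "REQUIRETLS") {
			if !sessionTLS { // assumption: only valid inside a TLS session
				return "", errors.New("REQUIRETLS used outside a TLS session")
			}
			return Required, nil // assumption: parameter wins over the header field
		}
	}
	r := textproto.NewReader(bufio.NewReader(strings.NewReader(rawHeader)))
	hdr, err := r.ReadMIMEHeader()
	if err != nil && err != io.EOF {
		return "", fmt.Errorf("parse header: %w", err)
	}
	if strings.EqualFold(strings.TrimSpace(hdr.Get("TLS-Required")), "No") {
		return Optional, nil
	}
	return Opportunistic, nil
}

func main() {
	// Constructed sample header, not taken from a real message.
	hdr := "From: a@example.org\r\nTLS-Required: No\r\n\r\n"
	fmt.Println(Decide([]string{"REQUIRETLS"}, true, hdr))
	fmt.Println(Decide(nil, true, hdr))
	fmt.Println(Decide([]string{"SIZE=1024"}, false, "Subject: x\r\n\r\n"))
}
```

A relay acting on `Required` would refuse to hand the message to a next hop without a validated TLS session, while `Optional` lets it skip MTA-STS and DANE enforcement for that message only.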

@foxcpp foxcpp added mta-in Related to incoming message processing part of the MTA functionality (mail exchanger). new feature New feature. labels Sep 10, 2019
foxcpp added a commit that referenced this issue Nov 29, 2019
This commit does not enable support for SMTPUTF8 (we are not conformant
to RFC 6531 yet, #165) nor for REQUIRETLS (more changes are needed to
implement it correctly, #123).

It just fixes code to account for backward-incompatible changes and adds
a new field to MsgMetadata to store MAIL FROM arguments in.
@foxcpp foxcpp added this to the 0.1 milestone Dec 12, 2019
@foxcpp foxcpp modified the milestones: 0.1 - "It works", X.Y - "Eventually" Feb 11, 2020
foxcpp commented Feb 11, 2020

Dropping from the 0.1 milestone; the extension is not really worth adopting this early, since the underlying protocols (MTA-STS, DANE, DNSSEC) are not widely adopted yet either and other major implementations have no plans to implement REQUIRETLS.

@foxcpp foxcpp self-assigned this Jun 10, 2020
@foxcpp foxcpp removed this from the X.Y - "Eventually" milestone Jul 16, 2020
@foxcpp foxcpp closed this as completed in 30c50b6 Aug 23, 2020