----------------------------------------------------------------------------------
@MSGID: 2@dont-email.me> ae9d4c82
@REPLY: <hfegcidhm3g1g4qvhv0p93d6vc002npj2s@4ax.com>
37beb6b4
@REPLYADDR Ottavio Caruso
<ottavio2006-usenet2012@yahoo.com>
@REPLYTO 2:5075/128 Ottavio Caruso
@CHRS: CP866 2
@RFC: 1 0
@RFC-Message-ID: 2@dont-email.me>
@RFC-References: 1@dont-email.me>
<hfegcidhm3g1g4qvhv0p93d6vc002npj2s@4ax.com>
@TZUTC: 0000
@PID: Mozilla/5.0 (Windows NT 10.0; rv:102.0)
Gecko/20100101 Firefox/102.0
@TID: FIDOGATE-5.12-ge4e8b94
Am 31/07/2023 um 22:47 schrieb
ChadT@Here.com:
> On Mon, 31 Jul 2023 14:17:56 +0000, Ottavio Caruso
> <
ottavio2006-usenet2012@yahoo.com> wrote:
>
>> I have been told that STARTTLS can encrypt an SMTP transaction end to
>> end (sender to receiver), but my understanding is that STARTTLS only
>> encrypts the segment from the sender`s MUA to the sender`s MTA.
>>
>> This, obviously, without using PGP.
>
>
https://mailtrap.io/blog/starttls-ssl-tls/
>
> STARTTLS is not a protocol but an email protocol command. It`s used to
> tell an email server that an email client (such as Gmail, Outlook,
> etc.) wants to upgrade an existing insecure connection to an encrypted
> one using SSL or TLS.
>
> However, if a server doesn`t support encryption or is malicious,
> running this command can result in clients establishing an insecure
> connection, opening the door for the silent transmission of
> unencrypted, potentially sensitive personal data.
>
> STARTTLS, except for SMTP, is also used with IMAP protocol,
> traditionally used for retrieving emails from an email server. POP3,
> another protocol for receiving emails, uses a similar command called
> STLS.
>
> Note: As STARTTLS doesn`t guarantee a secure connection, users should
> be discouraged from using it or use other measures in conjunction with
> STARTTLS, such as using strong authentication methods, encrypting the
> email content with end-to-end encryption (e.g., using PGP or S/MIME),
> and verifying the digital signatures of email messages.
>
Nice copy paste but it doesn`t answer my question.
--
Ottavio Caruso
--- Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0
* Origin: A noiseless patient Spider (2:5075/128)
SEEN-BY: 5001/100 5005/49 5015/255 5019/40 5020/715
848 1042 4441 12000
SEEN-BY: 5030/49 1081 5058/104 5075/128
@PATH: 5075/128 5020/1042 4441