You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2024-03-25 09:33:47
- anacron
- Member
- Registered: 2020-01-26
- Posts: 40
SMTP with TLS
The wiki for Postfix explains how to configure TLS.
https://wiki.archlinux.org/title/postfix#TLS
My question is: why is the TLS certificate information only relevant when *receiving* mail? Is it not the server (i.e. sender) that is responsible for the encryption?
Offline
#2 2024-03-25 10:58:23
- mpan
- Member
- Registered: 2012-08-01
- Posts: 1,599
- Website
Re: SMTP with TLS
Both sides of communication are equally responsible for encryption. But certificates have little to do with encryption.
Encryption requires authentication.⁽¹⁾ Otherwise it would be vulnerable to MitM. A certificate confirms to the side making a connection, that what they talk to is what they intend to talk to. It’s the sending party, that initiates the connection, so your server is what is being connected to and has to prove its identity.
____
⁽¹⁾ This is separate from authenticated encryption. It too provides authentication, but the reasons differ.
Paperclips in avatars? | Sometimes I seem a bit harsh — don’t get offended too easily!
Offline
#3 2024-03-27 08:54:55
- cryptearth
- Member
- Registered: 2024-02-03
- Posts: 2,186
Re: SMTP with TLS
There're about 4 situations when e-mail comes into contact with cryptography:
1) end-to-end encryption of the mail itself using S/MIME or PGP
2) transport encryption when a user connects to thier mail provider and login credentials are exchanged
3) transport encryption between mail servers
3) storage encryption on the mail server
What you linked is about 2 and 3: encryption of the transport channel.
For 2 a secured connection should be used only as user credentials are exchanged. For this only the mail server requires a certificate as it has to prove its identity to the client. This can be done either via full encrypted channels, those which do a TLS handshake before any data are transmitted, or via upgraded channels using STARTTLS command.
Yes, TLS offers mutual authentication so a client certificate could be an option but this is very rarely used all over the internet (although it would solve so many issues with password leaks).
As for 3, the encryption of the transport channel between mail server, I personal don't see any real point other than an easy way of checking authenticity with additional techniques like DANE which builds on-top of PKI.
Mail servers are required to accept unencrypted connections from other mail servers for regular mail transport. This connection can be upgraded with STARTTLS but there's no real benefit other than the sending mail server can check it's actually talking to the correct receiving mail server.
Unless you have other means for the users to have a secured connection to your mail server to protect thier login credentials (like a vpn or a webmail over HTTPS) you should set up TLS at least for the user connections to protect thier credentials.
If you set up TLS also for receiving mail from other mail servers or even for outgoing connections is up to you.
If you do host your own mail server make sure to prevent open relays by always require authentication for sending outgoing mails.
Offline
Pages: 1