From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id D5B5813888F for ; Fri, 16 Oct 2015 11:15:53 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 3E6C0E0875; Fri, 16 Oct 2015 11:15:42 +0000 (UTC) Received: from mail-wi0-f175.google.com (mail-wi0-f175.google.com [209.85.212.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id EC212E086C for ; Fri, 16 Oct 2015 11:15:40 +0000 (UTC) Received: by wicgb1 with SMTP id gb1so4855393wic.1 for ; Fri, 16 Oct 2015 04:15:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:reply-to:to:subject:date:user-agent:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=vdDrPpQ48Kjzoce/X7iOBQN5UoEM72/bb2A47F+1fKs=; b=TwO/EKEwAkyS16QjqHAz1HfvFOh0TRUmASNp29RWB1RMaD8aZlO6gj2HAWHTexWQmL KnkFOf29sNnfDlQ+ltRtzKrOF+/Lw7zT14RPhMqxRz4WxTNzO0j4l/7Vd/Esv7nVpMQ4 HNVTQYjj/J+3eflX8Kgzu2y0D1gqpuuosyoUex0HpW+SgbmvbILgoH1ot4GxHUJQoBSM hPrJoIOuY+5GlCSNEqFdjSpiFzHAf5L8wCKkj9m9PjAk9y8/9XQ/Nt7hA3hy1npjADNk B9il166v3Z6gQtQAiox/XH2KEKqEXek/zi2gBduALl1nj0efzknxlbBRRUDByhXtxR7E q0Kw== X-Received: by 10.194.108.103 with SMTP id hj7mr16158583wjb.46.1444994139424; Fri, 16 Oct 2015 04:15:39 -0700 (PDT) Received: from dell_xps.localnet (230.3.169.217.in-addr.arpa. [217.169.3.230]) by smtp.gmail.com with ESMTPSA id fv5sm2840181wic.7.2015.10.16.04.15.37 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 16 Oct 2015 04:15:38 -0700 (PDT) From: Mick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Technical imap mail question Date: Fri, 16 Oct 2015 12:15:37 +0100 User-Agent: KMail/1.13.7 (Linux/4.0.5-gentoo; KDE/4.14.8; x86_64; ; ) References: <20151015100422.55984dd8@a6> <201510152301.26906.michaelkintzios@gmail.com> <20151016051418.GA9839@boxi.hartikainen.me> In-Reply-To: <20151016051418.GA9839@boxi.hartikainen.me> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1683933.3Ux2eaGNUP"; protocol="application/pgp-signature"; micalg=pgp-sha256 Content-Transfer-Encoding: 7bit Message-Id: <201510161215.40506.michaelkintzios@gmail.com> X-Archives-Salt: 4dc5258e-2793-4ed5-a295-662e45235a1b X-Archives-Hash: 0ee090d7ee4441b28551a0beec215aed --nextPart1683933.3Ux2eaGNUP Content-Type: Text/Plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable On Friday 16 Oct 2015 06:14:18 Tuomo Hartikainen wrote: > On 2015-10-15 23:01, Mick wrote: > > On Thursday 15 Oct 2015 18:04:22 walt wrote: > > > My ISP recently started offering imap email service in addition to > > > the pop3/smtp servers they've always had, so I decided to try it. > > >=20 > > > I was surprised to see that they recommend using a different smtp > > > server name when setting up my mail client, and they even offer the > > > option of using port 587 instead of 465 if I prefer it. > > >=20 > > > Why would I use a different smtp server if I'm now using imap? I use > > > smtp to send mail, and imap to read it, right? Why not use the same > > > smtp server in either case? > > >=20 > > > (The different server names actually resolve to the same IP address, = so > > > the distinction seems to be more theoretical than real, but the theory > > > is what puzzles me.) > > >=20 > > > Thanks. > >=20 > > Port 587 is for TLS and is the proper port to be used by MSAs as per > > RFC6409. > >=20 > > Port 467 on the other hand is for SMTPS: vanilla SMTP at the applicati= on > > level, but the communication to the server is still secured at the > > transport layer with SSL. This was an IANA attempt to provide a port > > for secure email communication pre-STARTTLS days. Today I think may be > > used for other purposes, but I am not sure if it is TCP or UDP > > streaming. >=20 > As a clarification: port 587 *may* be used with STARTTLS while port 465 > is the actual SSL/TLS port. Yes indeed, the TLS usage is coincidental with RFC6409, rather than specifi= ed=20 by it and even the use of port 587 is not obligatory (port 25 can still be= =20 used). As I mentioned port 465 is not specified by IETF, but was offered b= y=20 IANA to run SMTP over an SSL secure connection but this was rescinded some= =20 time later. The thing with STARTTLS is that the client may decide to degrade the=20 communication to plain text, if what is sent by the server (protocol, ciphe= r,=20 etc.) is deemed not appropriate. Some clients won't even notify the user. = =20 MITM attacks can be engineered to intercept a communication with a mail ser= ver=20 to degrade the connection from the MUA on purpose. A dedicated TLS connect= ion=20 would be the best thing and some setups offer 465 for this purpose. =2D-=20 Regards, Mick --nextPart1683933.3Ux2eaGNUP Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAABCAAGBQJWINxcAAoJELAdA+zwE4YeYk0H/1M69fP4716+Y9sOv7DaJ2yS R+Qsl8OTxu6FTw17u8ds8n8uKV7mBrfyujESDYkOHRn4QwerdprJtEAdPAyBW7Jt KCclAvgKSQgFy0np8fPThW9EdpKBUUIcYHRnCPqB4Zc2+9r9Dvak1m7qtfBBLA60 /BrHdS38lzoTQLyF2vOASTWVvZyXqK94k71hzJ/6JFypPsk0wrhk0DS+WATGABaC R3dSg64PsoCjJYMSjlPu5faDZbpIDMIByGjK99qatZLpdguiTCOPy1Z4mrxVGMPw 0kTZqQQwulEMnrkFswZM9xS7rnA9KK2/Kc8ZqLDzLplYxkZe4DQGugO0AwSpG3Q= =2Xzf -----END PGP SIGNATURE----- --nextPart1683933.3Ux2eaGNUP--