James Knott wrote:
On 03/25/2015 07:04 PM, John M Andersen wrote:
Several big ISPs were caught doing this which is why StartTLS is a bad idea.
My take on that article is that it's still recommended, but with plans to make things more secure. Of course, if the Internet is classified as a utility, then the ISPs may be open to prosecution for tampering with email.
Oh, they are already - ISPs are classed as telecommunications providers subject to the regular Fernmeldegesetz. They are pretty much subject to the same regulations as the Post Office. Tampering with the _exchange_ of the same emails might be another matter. In my business we "tamper" with the exchange all the time - for instance, we disable our own STARTTLS when the other side can't figure out how to work with it, we disable pipelining when it doesn't work, postfix automagically fixes Cisco PIX bugs etc etc. -- Per Jessen, Zürich (5.5°C) http://www.dns24.ch/ - your free DNS host, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org