Dnia czwartek, 15 maja 2014 20:26:27 grarpamp pisze:
pesky to/from/subject/etc headers.
Oh boy, here we go. Those are hidden by use of TLS.
Have you not been following the weaknesses intrinsic to SMTP discussions? Yes, they are hidden in TLS transport on the wire. No, they are not hidden in core or on disk at the intermediate and final message transport nodes. That's bad.
And I don't think they're hidden in any meaningful way on the server-to-server wire. As in: whose mailserver validates TLS of the destination server? That's actually an interesting research question. This goes for other semi- decentralised, client-server services like XMPP for instance. And even if they do validate it, thinking that NSA et al do not have root certs allowing them to MITM the communication as they wish is naivety. -- Pozdr rysiek