SMTP Health Campaign

Email is dying, and for a good reason: SMTP is kept insecure all around the world.

Dear postmasters

As of 2021, the large majority of SMTP servers are still not enforcing STARTTLS against either DANE or valid SSL certificate chains. This is a problem, since email messages are supposedly confidential. Opportunistic STARTTLS is defeated with MITM attacks by simply downgrading to plain-text.

And even those outbound MTAs which do enforce STARTTLS, mostly don’t verify the PKIX certificate on the MX end. This can also be defeated, by simply offering an invalide certificate in the middle.

Let us simply enforce inbound / outbound STARTTLS and MX certificate validation, shall we?

Proposed practice

As an email user, you can mention that your email is secured by referring to this page, for example as user@example.net (STARTTLS).

As a postmaster, you can link to this page to make clear to other postmasters they need to enable crypto.

530 5.7.0 Must issue a STARTTLS command first (https://nethence.com/smtp/)

As an MX:

• Enforce STARTTLS
• Valid server certificate(s) with either PKIX or DANE (possibly multiple certificates)
• TLS v1.0 onwards and provide an RSA certificate for backward compatibility

As an outbound MTA:

• Enforce STARTTLS
• Make sure your PKIX CA trust store is well defined and kept up-to-date
• Enforce PKIX and DANE for MX certificate verification
• TLS v1.0 onwards for backward compatibility

Public network survey

• Jan 2020 (last year)
• Jan 2021 (on-going…)

Resources

THE SAD STATE OF SMTP ENCRYPTION https://blog.filippo.io/the-sad-state-of-smtp-encryption/

A system for ensuring & authenticating STARTTLS encryption between mail servers https://github.com/EFForg/starttls-everywhere

ssl tuning

POSTFIX AND STARTTLS https://pub.nethence.com/mail/postfix-tls

Let’s tune our cipher suites https://pub.nethence.com/security/ciphers

Strong Ciphers (see Other Software section) https://syslink.pl/cipherlist/

Applied Crypto Hardening https://bettercrypto.org/