mailing list archives
Re: Web Tool Announcement: ismymailsecure.com
From: Holger Rabbach <hrabbach () crossroad-networks com>
Date: Wed, 25 Aug 2010 10:39:07 +0200
it does not - yet. This is actually what I'm working on at the moment.
However, since most MTAs at the moment don't do this kind of check, it
is not very useful. So the tool currently only checks for encryption
capabilities, it does *not* check for protection against MiTM attacks.
The next, enhanced version of the tool will have an optional check for
this and also the supported ciphers.
On 25/08/2010 09:59, Kari Hurtta wrote:
Holger Rabbach <hrabbach () crossroad-networks com>: (Wed Aug 18 12:59:19 2010)
[ Charset ISO-8859-1 converted... ]
Dear Bugtraq community,
I am happy to announce the immediate availability of a web based email
security testing tool at http://www.ismymailsecure.com. The tool is an
end-user friendly way to determine if the mail servers for a certain
email address support the STARTTLS capability to encrypt the email
transfer between servers. While most email providers have frontends that
use encryption, the actual email transfers via SMTP are often not secure
It seems not check if certificate returned is signed by trusted CA.