[Reportbug-maint] Bug#733885: reportbug: Encrypt SMTP connection with TLS as default

Axel Hübl axel.huebl at web.de
Wed Jan 1 20:17:44 UTC 2014


I can not agree on the argumentation.

The "safest bet" will only be the most-likely setting to work (in the
90s). But to stress that, nowerdays most of the mail servers (lets say
T-Online for instance) do not even allow non-encrypted client
connections any more.

The second argument: "whats private about the mail?"
The bug report mail itself is totally low priority in body and meta
data. And TLS does not ensure that, since it is only transport securtiy.
But I actually prefer to keep the login+credentials of my complete
*mailbox* private when I report a bug (and tls ensures that).

I want to request to re-open the issue for further discussion.

On 01.01.2014 21:04, Sandro Tosi wrote:
> tags 733885 wontfix
> thanks
> Hello,
> On Wed, Jan 1, 2014 at 8:57 PM, Axel Huebl <axel.huebl at web.de> wrote:
>> Since the usual reports via SMTP will be send through untrusted networks, one
>> should enable TLS by default.
> While every SMTP server supports SMTP (of course..) not everyone out
> there supports TLS, and no-one knows better than the user configuring
> reportbug; if they don't know, then choose the safest bet, don't use
> TLS (hence the default).
> Also, what's so "private" in a mail that (at the end of the trip) will
> reach a public web site where the mail body+headers are available?
> I don't see anything to fix here, hence closing as wontfix.
> Regards,

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3740 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.alioth.debian.org/pipermail/reportbug-maint/attachments/20140101/36f6c577/attachment.bin>

More information about the Reportbug-maint mailing list