<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
mso-ligatures:none;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="DE-CH" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<div>
<p class="MsoNormal"><span lang="EN-US"><br>
>> In RFC3207 (2002) the use of TLS encryption was added to SMTP; to<br>
>> change from TCP to TLS the command STARTTLS was added. RFC8314 (2018)<br>
>> recommends the use of „Implicit TLS“ iso STARTTLS.<br>
> <br>
> Apology for my uncertainty and confusion. By "iso" do you mean<br>
> "equivalent to"? "Contrasting to"?<br>
> <br>
iso = instead of = contrasting to<br>
<br>
> Over years, "official" meanings and recommendations have changed.<br>
> </span><a href="https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers"><span lang="EN-US">https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers</span></a><span lang="EN-US"><br>
> Ref. 465 and 587.<br>
<br>
Indeed, the history of the SMTP ports is a little confusing. Basically, in today‘s world it is strongly recommended to use SMTP with encryption. As POP and IMAP use dedicated ports for implicit TLS, SMTP should do the same.<br>
Therefore, in the long run<br>
465 = SMTP over TLS should be the goal<br>
587 = SMTP over TCP with change to TLS via STARTTLS was a kind of quick add-on in 2002 to add encryption to SMTP.
<br>
<br>
1) 465 implicit TLS<br>
2) 587 with STARTTLS<br>
3) 587 without STARTTLS<br>
<br>
> Guenter Feldmann begin work on SSL in ETH Oberon more than a decade<br>
> ago. I recall using scp. Also Guenther added SSH in A2 years ago? I<br>
> don't know the current status in A2.<br>
<br>
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">A decade ago, we had TLS 1.2 (RFC5246, 2008). Today, we are at TLS 1.3 (RFC8446, 2018)<br>
Most probably, some of Guenter‘s good work must be adapted.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">> Another possibility is a TLS tunnel, as available by stunnel in Linux.<br>
<br>
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Yes, if you are not native but run Oberon OS on top of another OS, you can use the TLS functionality of the underlying OS.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">> Therefore, I think of the analogue for SMTP. Add AUTH PLAIN in<br>
> Oberon.Mail.OpenSMTP.<br>
<br>
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Authenticating a user with a password to the mail server is independent of the underlying transport encryption with TLS.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">br<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Jörg<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
</div>
</body>
</html>