[jira] [Assigned] (INFRA-11284) Consider forwarding mail with TLS

["Chris Lambertus (JIRA)" <ji...@apache.org>]

     [ https://issues.apache.org/jira/browse/INFRA-11284?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Chris Lambertus reassigned INFRA-11284:
---------------------------------------

    Assignee: Chris Lambertus

> Consider forwarding mail with TLS
> ---------------------------------
>
>                 Key: INFRA-11284
>                 URL: https://issues.apache.org/jira/browse/INFRA-11284
>             Project: Infrastructure
>          Issue Type: Improvement
>          Components: Mail (qmail)
>            Reporter: Christopher Tubbs
>            Assignee: Chris Lambertus
>            Priority: Minor
>              Labels: encrypt, security, smtp, tls
>
> GMail recently added a little padlock icon to received mail which indicates it received that email via an unsecured connection. This icon appears for email forwarded to GMail from my apache.org address, indicating ASF is not delivering traffic to the destination SMTP servers with TLS (presumably STARTTLS on port 25, but I don't see details) when possible. Presumably, this doesn't just affect GMail, but any destination server our apache.org mail is being forwarded to (not all of which will support TLS).
> While mailing list activity is generally public, some people may receive private, interpersonal, or sensitive email to their apache.org address (it's possible... I wouldn't recommend it, but you can't always control what you receive). At the very least, the mail headers, indicating the user's, potentially private, forwarding address is not safe-guarded.
> I would probably rate this personally as pretty low-risk, low-priority, but it might be worth considering using TLS, when possible, to deliver forwarded email.
> https://support.google.com/mail/answer/6330403
> https://www.google.com/transparencyreport/saferemail/faq/



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)