ISPDB configs without STARTTLS and/or SSL

Andrew Sutherland asutherland at asutherland.org
Sat Jan 19 15:49:47 UTC 2013


On 01/19/2013 10:10 AM, Ben Bucksch wrote:
> However, without supporting plain (non-SSL) connections, you are going 
> to miss a huge amount of configs. Ditto with POP3.

I think there remains a strong case for user privacy that we should not 
facilitate the use of unencrypted e-mail connections at all.  A similar, 
if less strong, case can be made for requiring valid SSL certificates.  
There are free alternatives like gmail that are known to be, at the very 
least, competent.  And there are free SSL certificates available from 
StartCom and maybe others.


> Dropping the user into manual config is highly unfair, because that 
> sends the user searching for something that we *know* doesn't exist. 
> The point of autoconfig was to save time for the user, not waste it.

All solutions right now are stop-gap, unfortunately.  I am entirely 
on-board that if we can know with near-certainty that we don't support 
something and believe that the information is still correct, that we 
should say it.

If we could treat the lack of a supported configuration from the ISPDB 
as 100% evidence, we could do the friendlier thing there.  But as you 
noted, the ISPDB assumes an e-mail client that supports STARTTLS (so may 
not include SSL-only items) and that the client does not support 
ActiveSync.  So it's hard for us to have an error message that indicates 
with absolute certainty that we don't support the account at all until 
we fix up these various deficiencies.


> Compiling this list took some time, so please draw some constructive 
> conclusions from it.

The list is greatly appreciated!  Thank you!  I have linked to it and 
included the startTLS excerpts on the mozTCPSocket startTLS bug at 
https://bugzilla.mozilla.org/show_bug.cgi?id=784816.  I expect to also 
use it as a basis if we need to revisit whether or not to allocate 
resources to supporting POP3.  I personally am of the mind that people 
should switch e-mail providers in that case as well, but that's not the 
decision-making process :)

Andrew
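
Added example, not part of the original message or of any Mozilla code: a sketch of the distinction drawn above between "the ISPDB lists nothing encrypted for this provider" and "the ISPDB lists an encrypted configuration that this client cannot use yet". The sample XML is constructed, and the function name `classify`, its parameters, and the verdict strings are hypothetical; the default client is assumed to support SSL sockets only and IMAP/SMTP only.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the ISPDB clientConfig format (not a real entry).
SAMPLE = """<clientConfig version="1.1">
  <emailProvider id="example.com">
    <incomingServer type="imap">
      <hostname>imap.example.com</hostname>
      <socketType>STARTTLS</socketType>
    </incomingServer>
    <incomingServer type="pop3">
      <hostname>pop.example.com</hostname>
      <socketType>plain</socketType>
    </incomingServer>
    <outgoingServer type="smtp">
      <hostname>smtp.example.com</hostname>
      <socketType>STARTTLS</socketType>
    </outgoingServer>
  </emailProvider>
</clientConfig>"""

ENCRYPTED = {"SSL", "STARTTLS"}  # socketType values that protect the connection

def classify(xml_text, client_sockets=frozenset({"SSL"}),
             client_protocols=frozenset({"imap", "smtp"})):
    """Per direction, say why a config is or is not usable by this client.

    Separating 'plaintext-only' from 'encrypted-but-unsupported-by-client'
    lets the UI avoid claiming the provider is unsupported with more
    certainty than the data allows.
    """
    # Fine for the inline sample; parse fetched XML with a hardened
    # parser (for example defusedxml) to avoid entity-expansion attacks.
    root = ET.fromstring(xml_text)
    verdict = {}
    for tag in ("incomingServer", "outgoingServer"):
        relevant = [(s.findtext("socketType") or "").strip()
                    for s in root.iter(tag) if s.get("type") in client_protocols]
        if any(sock in client_sockets for sock in relevant):
            verdict[tag] = "usable"
        elif any(sock in ENCRYPTED for sock in relevant):
            verdict[tag] = "encrypted-but-unsupported-by-client"
        elif relevant:
            verdict[tag] = "plaintext-only"
        else:
            verdict[tag] = "no-supported-protocol"
    return verdict

if __name__ == "__main__":
    print(classify(SAMPLE))
```
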





More information about the tb-planning mailing list