Infomaniak claims to use TLS, but

The first link in the TLS chain is executed via a purely internal network by the webmail and Smtp servers and is not available in TLS for performance reasons.

is this normal, acceptable, irrelevant, standard, a red flag?

they are the biggest hosting provider of Switzerland, so I somehow have a hard time believing, they lack resources to implement TLS right.

  • EinfachUnersetzlich@lemm.ee
    link
    fedilink
    arrow-up
    3
    ·
    10 months ago

    I think they’re saying that TLS isn’t used for submitting an email for outbound delivery and that both the webmail and initial SMTP servers are on the same internal network.

    Sounds reasonable to me. What would TLS gain there?

    • olosta@lemmy.world
      link
      fedilink
      arrow-up
      5
      ·
      10 months ago

      The gain would be that an attacker having a foothold on the internal network (by having a physical access or hacking a device on it) would be able to sniff and modify outgoing emails.

      I’m a bit sceptical about the performance claim on modern hardware.

      That said it’s not a completely unreasonable tradeoff.

      • Kit
        link
        fedilink
        arrow-up
        7
        ·
        10 months ago

        If an attacker is already inside and has access to a server, they have bigger problems to worry about.