Cox external MTA and SSL
When I send out email from my cox account, to my my private email server, STARTTLS is not issued by Cox MTA to encrypt the mail in transit. Here's example: 220 smtp.<redacted>.net ESMTP EHLO fed1rmfepo201.cox.net 250-smtp.<redacted>.net 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN MAIL FROM:<redacted@cox.net> SIZE=3788 250 2.1.0 Ok RCPT TO:<redacted@<redacted>.net> etc... fed1rmfepo201.cox.net is failing to begin an encrypted session and is therefore sending everyone's (at least my) email across the internet in plain text. Since Gmail can issue the STARTTLS command to this server to send encrypted email, I don't see why Cox can't or won't. As you can see from the above packet capture, STARTTLS was available and Cox didn't even attempt to use it. I have seen a lot of threads about Cox and SSL/TLS. There is a recent one about "inbound" email to Cox customers not being encrypted in transit. Is anyone going to address the issue anytime soon or what?1.3KViews0likes1Comment
