Commit 0b415f86 authored by anonym's avatar anonym

Suggest using StartTLS for EHLO/HELO test.

Then the password is never leaked.
parent 8409d143
Pipeline #832162 skipped
......@@ -121,7 +121,10 @@ tracked by tickets prefixed with `todo/test_suite:`.
1. Start Icedove using the GNOME Applications menu.
2. Disable SSL/TLS for SMTP in Icedove (so take precautions for not
leaking your password in plaintext by either changing it
temporarily or using a disposable account).
temporarily or using a disposable account). Or better, configure
StartTLS, since it will send two EHLO/HELO: one before TLS is
initiated; one after. The assumption here is that Icedove will
send the same both times.
3. Run `sudo tcpdump -n -i lo -w dump` while sending an email to
capture the packets before Tor encrypts it, then close
tcpdump. Note that the packet containing EHLO/HELO will be sent
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment