communication. Otherwise, data transfer will be done in a clear text format.
Here, the two servers cannot use TLS by default because neither knows in advance whether the other supports it, especially when the two servers belong to two different mail providers. An attacker takes advantage of this to perform a Man-In-The-Middle (MITM) attack.
The attacker first listens to the communication between the two mail servers. When the destination mail server sends a STARTTLS command to determine whether the source mail server supports TLS, the attacker replaces the STARTTLS command with a garbage string.
The source mail server receives the garbage string and ignores it, but the destination server assumes that the source mail server does not support TLS, and the communication falls back to clear text. Now the attacker can easily read the sensitive data being transferred.
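The fallback described above can be caught on the sending side, where the STARTTLS capability shows up as a keyword in the peer's EHLO reply. The following is an added example, not code from the original article: it parses an EHLO reply and defers delivery instead of falling back to clear text when TLS is required or the peer offered it earlier. The sample replies are constructed, and the function names and the per-peer `offered_tls_before` flag are assumptions made for illustration.

```python
import re

# Constructed EHLO replies as the sending server would see them (not captured traffic).
CLEAN = ["250-mx.example.net", "250-SIZE 35882577", "250-STARTTLS", "250 8BITMIME"]
# The same reply after the STARTTLS keyword was overwritten with a garbage string.
STRIPPED = ["250-mx.example.net", "250-SIZE 35882577", "250-XXXXXXXA", "250 8BITMIME"]

KEYWORD = re.compile(r"^250[- ]([A-Za-z0-9][A-Za-z0-9-]*)")


def ehlo_keywords(reply_lines):
    """Extension keywords from a multi-line EHLO reply; line 1 names the server."""
    found = set()
    for line in reply_lines[1:]:
        match = KEYWORD.match(line)
        if match:
            found.add(match.group(1).upper())
    return found


def delivery_decision(reply_lines, offered_tls_before, require_tls):
    """Return (action, alert) for one outbound session (hypothetical policy helper).

    action: 'starttls', 'cleartext' or 'defer'
    alert:  True when a peer that used to offer STARTTLS no longer does,
            which is how the downgrade looks from the sender's side.
    """
    offers_tls = "STARTTLS" in ehlo_keywords(reply_lines)
    if offers_tls:
        return "starttls", False
    alert = offered_tls_before
    # Queue the message rather than fall back when policy or history expects TLS.
    if require_tls or offered_tls_before:
        return "defer", alert
    return "cleartext", alert


if __name__ == "__main__":
    for name, reply in (("clean", CLEAN), ("stripped", STRIPPED)):
        print(name, delivery_decision(reply, offered_tls_before=True, require_tls=False))
```

A peer with no history and no TLS requirement still gets clear-text delivery, which is the gap that opportunistic STARTTLS leaves open on first contact.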
How to prevent the TLS downgrade attack while transporting emails?
SMTP STS is a recent technology that can effectively mitigate this …





