[bug-mailutils] TLS certificate checking and enforcement for mailutils client programs

[Daniel Kahn Gillmor]

Hello again--

Another question about secure connection techniques:

i see that mail has a --tls=BOOL option for connecting with
TLS-capable servers.  What i can't tell is how the TLS certificates
are verified.  Without proper certificate validation, TLS connections
are vulnerable to man-in-the-middle attacks from an active attacker
(one who can intercept and modify traffic).

Usually certificate validation/verification is handled by specifying a
file or directory containing the certificates of trusted X509
certificate authorities.  the mailutils imap4d and pop3d both
implement this approach with their --ssl-cafile options [0].  However,
there are many more setups with server-side certificates these days
than client-side certificates.  So certificate checks are probably
even more important from the other direction: the client verifying the
server.

but /usr/bin/mail (at least verion 0.94) doesn't seem to support a
--ssl-cafile option, and i don't see any reference to a comparable
option for this program.

Furthermore, it's not clear to me how to *force* TLS from the client's
point of view.  That is, you should be able to instruct a TLS-aware
client to terminate the connection if the TLS negotiation fails, so
that you don't risk exposing traffic over an insecure connection.
>From the documentation, it's not clear that the --tls option allows
for this kind of rigor.

Does one of the folks on this list who understands mailutils better
than i do care to explain the situation?  If mailutils isn't capable
of these distinctions, are they desired features?

Thanks for the great software,

        --dkg

[0] http://www.gnu.org/software/mailutils/manual/mailutils.html#encryption