Well, twaldorf, I'm sure your German is better than mine [;)], but I read that document as assuming that StartTLS is included in all of the comments about SSL/TLS.
jlan, does your mail server support PFS? If not, then I don't think turning on your DNAT will satisfy the authorities.
Cheers - Bob PS I'd be interested in learning the politics of this. I suspect that several politicians got large (legal, I'm sure) payments from somewhere. This kind of government overreach occurs all too often.
Sophos UTM Community Moderator Sophos Certified Architect - UTM Sophos Certified Engineer - XG Gold Solution Partner since 2005
Well, twaldorf, I'm sure your German is better than mine [;)], but I read that document as assuming that StartTLS is included in all of the comments about SSL/TLS.
jlan, does your mail server support PFS? If not, then I don't think turning on your DNAT will satisfy the authorities.
Cheers - Bob PS I'd be interested in learning the politics of this. I suspect that several politicians got large (legal, I'm sure) payments from somewhere. This kind of government overreach occurs all too often.
Sophos UTM Community Moderator Sophos Certified Architect - UTM Sophos Certified Engineer - XG Gold Solution Partner since 2005
