Y
Hacker News
new
|
ask
|
show
|
jobs
by
brl
4308 days ago
Even if you validate certificates an active attacker can return false MX records and direct the sending MTA to connect to an attacker-controlled server which presents a perfectly valid certificate.