Hello Mr. Levine, 5 months back I posted my spam research on DMARC list. You have gone through only 50 words and judged my work. The whole thread gone haywire because of you. I was humiliated there and left. Last week I posted in IETF list. To be very honest, I don't like you. That's because you spent your time only on attacking me on DMARC list. I'm happy to post the private mail screenshots if anyone wants that. Although I don't like you, I still managed to respond politely in IETF lists. Again... In that list the only thing you did was attacking my work. I asked you to provide evidence to support your criticisms, but you never did. You called my work as fantasy, whereas guys in this thread says it has at least some merits. https://mailarchive.ietf.org/arch/msg/uta/CaMj7xkGpkDg6c3qKGlLjksG5do To quote his words Sorry, but this is a fantasy. SMTP routing still falls back to an A
record if there's no MX and the DNS has been around for 30 years. And your assmptions about what is hard and what is easy may be correct for your personal situation, but they are not true in general. Look at it this way -- if you can set up an STS server in less than a decade, you're ahead of the game.
This is what I responded for that. ----- Here is the problem with that part. A records are IE6 equivalent in the SMTP world. These days everyone moved to the MX records. There are rare cases where some mail servers still rely on A records. My solution doesn't deal with A records. It's the clients decision whether to use MX record or A record. Let's just pretend my solution rely on A records, you are criticising my work saying that 0.1% people not gonna upgrade to "MX Records". On the other hand, you think 100% of the internet gonna upgrade to a completely new system STS. Isn't that irony? ----- These are some of his responses to my thread. ------ MTA-STS does a great deal of this. It has a way for a domain to say "all my inbound mail uses TLS" (RFC 8461) and for other systems to report back and say whether they're actually seeing that (RFC 8460.) I don't understand why people are trying to reinvent the wheel when we just defined a fairly round one a few months ago. https://mailarchive.ietf.org/arch/msg/uta/XVHBasNzVBTKbFE2EcLmI9fK324 ----- We went through all of this when we invented MTA-STS. We know that setting up a web server can be non-trivial but for a lot of places, it's far easier than geting DNSSEC to work. I recall a dinner at the Buenos Aires IETF where we were trying to figure out if there were a reasonable way to signal stuff in the DNS. Magic names certainly came up. I think it would be a good idea for anyone interested in this topic to go back through the mailing list discussion and read the drafts and explain what is different now that we didn't know when we defined MTA-STS a few months ago https://mailarchive.ietf.org/arch/msg/uta/nmB53F9Hg9yfPXCXeXv248evYhM ----- John, you should know, I'm doing forum shopping here because of you. I totally understand others tried to help me. But you are not. You created this thread just to attack me. So this is the prime example of you trying to silence my work. Most decent folks never do such thing. To everyone else, my solution is an EASY alternative for both DANE and MTA-STS. John seem like he has vested interest in MTA-STS. Guys, feel free to take a look at our whole conversation in the uta ietf list. And then please tell me this man is not biased at all. I'm happy to terminate my proposal in that case.