Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)
At 6:13 PM -0700 2002/08/27, David Schwartz wrote:
I'm afraid the technology to rapidly sift through large volumes of information to search for specific areas of interest is widely available.
Really? Where? I'd like to know what they are and where.
It is totally reasonable to not want to send mail through your ISP's mail servers and perhaps directly to a trusted mail distributor over an encrypted link.
Fair enough.
Of course, you can easily use a port other than 25 for this purpose.
Indeed.
The problem comes when the recipient tries to validate your origin address against your secure mail server.
Well, if you use TLSSMTP, I would think that would be resolved during the connection, by the authentication of the key. -- Brad Knowles, <brad.knowles@skynet.be> "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
On Thu, 29 Aug 2002 00:48:39 +0200, Brad Knowles wrote:
At 6:13 PM -0700 2002/08/27, David Schwartz wrote:
I'm afraid the technology to rapidly sift through large volumes of information to search for specific areas of interest is widely available.
Really? Where? I'd like to know what they are and where.
There are a few thousand people and more computers than you can shake a stick at located at Fort Meade for just this purpose.
The problem comes when the recipient tries to validate your origin address against your secure mail server.
Well, if you use TLSSMTP, I would think that would be resolved during the connection, by the authentication of the key.
Who says the recipient's mail server has TLS capability? It's really the same problem as what happens when joe@aol.com wants to send email with his personal origin address from his work machine which has nothing to do with the AOL network. Except it's a bit harder to solve because in the AOL case, AOL could just offer some solution. The problem occurs when I have an @aol.com email address but don't trust AOL to handle my outbound email. Again, though, it's reasonable to say, "If you don't trust AOL to handle your outbound email, then don't use an @aol.com address. You have to trust them for inbound anyway." DS
participants (2)
-
Brad Knowles
-
David Schwartz