[14888] in cryptography@c2.net mail archive
Re: yahoo to use public key technology for anti-spam
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sun Dec 7 18:40:26 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "Steven M. Bellovin" <smb@research.att.com>
To: bear <bear@sonic.net>
Cc: Anton Stiglic <astiglic@okiok.com>, cryptography@metzdowd.com
In-Reply-To: Your message of "Sun, 07 Dec 2003 12:01:25 PST."
<Pine.LNX.4.58.0312071154330.18171@bolt.sonic.net>
Date: Sun, 07 Dec 2003 17:39:35 -0500
In message <Pine.LNX.4.58.0312071154330.18171@bolt.sonic.net>, bear writes:
>
>>But you should be sending mails via *your* SMTP server, and should be
>>connecting to that SMTP server using SSL and authentication. Open relays
>>encourage spam. People shouldn't be relaying mail via just any SMTP server.
>
>This is generally how I work it. I sit down at any hotspot and I
>get network connectivity. But all the hotspot is ever going to see
>of my browsing, email, and anything else I like to keep private is
>SSH packets to my home machine, or encrypted X packets running
>between the X server on my laptop and X clients on my home machine.
>
>A bit of lag is acceptable. Sending private mail via untrusted
>SMTP servers is not.
That isn't Carl's point. He may very well be using a trustworthy SMTP
server, via a secure tunnel. The issue is whether he has to use a
server owned by the owner of his return address.
I use a variety of email addresses, for various reasons. I have my
usual work account, some university accounts, a few personal accounts,
one I reserve for EBay use, etc. I also use several different SMTP
servers to send my email. I *always* have a secure tunnel set up; in
fact, Postfix on my laptop is hard-wired to send to port 20025 on
127.0.0.1. Of course, where that ends up will vary, but it's not in a
one-to-one correspondence with the sending address I use. The Yahoo
scheme would apparently require that each email I send be routed via
the domain owner's SMTP server.
--Steve Bellovin, http://www.research.att.com/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
