[51468] in North American Network Operators' Group
Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)
daemon@ATHENA.MIT.EDU (David Schwartz)
Wed Aug 28 00:03:19 2002
From: David Schwartz <davids@webmaster.com>
To: <jxh@jxh.com>
Cc: <nanog@merit.edu>
Date: Tue, 27 Aug 2002 21:01:16 -0700
In-Reply-To: <1651624.1030477216@[10.9.18.6]>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 27 Aug 2002 19:40:16 -0700, Jim Hickstein wrote:
>--On Tuesday, August 27, 2002 6:13 PM -0700 David Schwartz
><davids@webmaster.com> wrote:
>> I'm afraid the technology to rapidly sift through large=
volumes of
>>information to search for specific areas of interest is widely=
available.
>>It is totally reasonable to not want to send mail through your=
ISP's
>>mail servers and perhaps directly to a trusted mail=
distributor over an
>>encrypted link. Of course, you can easily use a port other=
than 25 for
>>this purpose. The problem comes when the recipient tries to=
validate
>>your origin address against your secure mail server.
>Your secure mail server (i.e. me) just has to be named in a=
MAIL-FROM MX
>record. We do DNS for some of our customers, and can add this=
trivially;
>the others control their own zones. Works for me.
=09How would this stop the destination mailservers from rejecting=
the mail
forwarded by the secure server? Remember, the situation is that I=
don't trust
my ISP to see my outbound mail (because that's where warrants are=
likely to
be served or interception hardware would likely be=
surreptitiously inserted).
So I don't want my outbound mail passing through my ISP=
unencrypted.
=09And I can't just use an email address that is hosted by the=
secure mail
server, because then that's where the warrant will be served or=
the interest
will be focused, and my mail is decrypted there. Nobody=
inspecting the secure
link could necessarily even tell that it was mail that was going=
over it or
where it was actually decrypted -- the next hop could just be a=
forwarded
outputting encrypted data to the ultimate decrypter.
=09I don't think it's unreasonable to simply say that email can't=
provide this
kind of feature unless the recipient and sender are part of the=
system. And
in that case, all the problems go away because the recipient will=
do the
right thing and no intermediate mail servers that don't know what=
to do are
needed.
=09DS
