yahoo to use public key technology for anti-spam
Steven M. Bellovin
smb at research.att.com
Sun Dec 7 17:39:35 EST 2003
In message <Pine.LNX.4.58.0312071154330.18171 at bolt.sonic.net>, bear writes:
>
>>But you should be sending mails via *your* SMTP server, and should be
>>connecting to that SMTP server using SSL and authentication. Open relays
>>encourage spam. People shouldn't be relaying mail via just any SMTP server.
>
>This is generally how I work it. I sit down at any hotspot and I
>get network connectivity. But all the hotspot is ever going to see
>of my browsing, email, and anything else I like to keep private is
>SSH packets to my home machine, or encrypted X packets running
>between the X server on my laptop and X clients on my home machine.
>
>A bit of lag is acceptable. Sending private mail via untrusted
>SMTP servers is not.
That isn't Carl's point. He may very well be using a trustworthy SMTP
server, via a secure tunnel. The issue is whether he has to use a
server owned by the owner of his return address.
I use a variety of email addresses, for various reasons. I have my
usual work account, some university accounts, a few personal accounts,
one I reserve for EBay use, etc. I also use several different SMTP
servers to send my email. I *always* have a secure tunnel set up; in
fact, Postfix on my laptop is hard-wired to send to port 20025 on
127.0.0.1. Of course, where that ends up will vary, but it's not in a
one-to-one correspondence with the sending address I use. The Yahoo
scheme would apparently require that each email I send be routed via
the domain owner's SMTP server.
--Steve Bellovin, http://www.research.att.com/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list