IETF Logo Mail Archive

Re: [Endymail] spam versus cleartext

Dave Crocker <dcrocker@gmail.com> Sun, 07 September 2014 16:09 UTC

Return-Path: <dcrocker@gmail.com>
X-Original-To: endymail@ietfa.amsl.com
Delivered-To: endymail@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE7DF1A064B for <endymail@ietfa.amsl.com>; Sun, 7 Sep 2014 09:09:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c7VwN7sSmGgL for <endymail@ietfa.amsl.com>; Sun, 7 Sep 2014 09:09:16 -0700 (PDT)
Received: from mail-qa0-x22c.google.com (mail-qa0-x22c.google.com [IPv6:2607:f8b0:400d:c00::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 691371A040E for <endymail@ietf.org>; Sun, 7 Sep 2014 09:09:16 -0700 (PDT)
Received: by mail-qa0-f44.google.com with SMTP id j7so13133047qaq.3 for <endymail@ietf.org>; Sun, 07 Sep 2014 09:09:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=bCg8lfSj21DZYAt1qG8x+rlZqn9YLqRxfxRSkG9I1vc=; b=0rLlmammpbzJdU496QM4kEZrjP7TyXMfRTxUnKG0UQXOLZd261LX9bMrQk6gH2usxs RjNYRp2vwi08es/XHakvTtnIatB3XswFa3TfgK920GIBVLS3uhLSd4pBWb3dB6sfknt1 yEBrPCRfm1FAfNYtlGUnfxanovT3htnT+vyDMy4yrdD7mtuRlS9316sjXUXzTbEbHPBe 1pnV12PtYt4geaPuiU8VfSVvsTQ4rIxQk+pWx+0iMVP4O7gDN8nqz97FAmIvi3bK4ECy d1ZizdvIgYP8J+HkLR8OsLFjnOVI1WhjdJWBbjxwi44my48Cv49JRZ2/ZXCq6PRiby3O UTTQ==
X-Received: by 10.140.86.147 with SMTP id p19mr33689250qgd.66.1410106154507; Sun, 07 Sep 2014 09:09:14 -0700 (PDT)
Received: from [192.168.1.66] (76-218-8-156.lightspeed.sntcca.sbcglobal.net. [76.218.8.156]) by mx.google.com with ESMTPSA id j74sm5370918qgd.0.2014.09.07.09.09.13 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 07 Sep 2014 09:09:13 -0700 (PDT)
Message-ID: <540C826B.9060408@gmail.com>
Date: Sun, 07 Sep 2014 09:06:03 -0700
From: Dave Crocker <dcrocker@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: Eliot Lear <lear@cisco.com>
References: <540AABF8.8000605@cisco.com> <540C5BE1.6010405@qti.qualcomm.com> <540C7399.3060901@cisco.com>
In-Reply-To: <540C7399.3060901@cisco.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/endymail/-DwbnJq2AZlmOQgY21th2JULG7M
Cc: endymail@ietf.org
Subject: Re: [Endymail] spam versus cleartext
X-BeenThere: endymail@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <endymail.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/endymail>, <mailto:endymail-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/endymail/>
List-Post: <mailto:endymail@ietf.org>
List-Help: <mailto:endymail-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/endymail>, <mailto:endymail-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Sep 2014 16:09:18 -0000

On 9/7/2014 8:02 AM, Eliot Lear wrote:
> Let's talk constraints for a moment.  Does the problem get easier if we
> say, “let's not even attempt to address transactional email”, and focus
> exclusively on h2h?  Also, is it a goal to completely do away with
> spam?  Is that a non-goal?


Eliot,

I've no idea what characteristics of 'transactional mail' -- as compared
with... personal mail, or ? -- worth distinguishing.  So while it's a
category that is often interesting to distinguish in email security and
abuse discussions, what do you have in mind here, exactly?

MTA-to-MTA (or, rather, Boundary MTA to Boundary MTA) is almost
certainly an interesting distinction from author to recipient. For
example, that's why DKIM has succeeded at Internet scale, where PGP and
S/MIME have not.

But we need to be clear about what benefits it gets us and what it doesn't.

If, for example, one is worried about their email operator being
compelled to produce keys for decrypting user mail...

d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net

v2.8.7 | Report a Bug | By Email