IETF Logo Mail Archive

Re: [Endymail] spam versus cleartext

Eliot Lear <lear@cisco.com> Sun, 07 September 2014 17:04 UTC

Return-Path: <lear@cisco.com>
X-Original-To: endymail@ietfa.amsl.com
Delivered-To: endymail@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0B231A0476 for <endymail@ietfa.amsl.com>; Sun, 7 Sep 2014 10:04:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.153
X-Spam-Level:
X-Spam-Status: No, score=-16.153 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.652, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TEKT5Lok2pkZ for <endymail@ietfa.amsl.com>; Sun, 7 Sep 2014 10:04:01 -0700 (PDT)
Received: from aer-iport-4.cisco.com (aer-iport-4.cisco.com [173.38.203.54]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7FD0F1A02FC for <endymail@ietf.org>; Sun, 7 Sep 2014 10:04:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2020; q=dns/txt; s=iport; t=1410109440; x=1411319040; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to; bh=9tH3a9DZeddPU5NLoSprnClISAMjPTNGF/k8EFKolEo=; b=eRD3/Ah11h5/0ikgbqDT/oXBwfjT6OOdPQ0cRKi8E6a5UiY+aWoi0wga FnimncpQnknobvXA5YsacLU1gaKMtd239BjsF8AFQCqw6cNkY8sOdg2fd iYK3byo/0vrpDIEvKodljGvB3HaMGq8JbaWqOBtMA+peTtsXa3nx+WcRZ U=;
X-Files: signature.asc : 486
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AqEEAPOODFStJssW/2dsb2JhbABYhzPOOwGBGHiEBAEBAwEjVhALDhMhAgIPAkYGDQEHAQGINgimW5UAAReOaxACAU8HgnmBUwEEjyuEG4FKh2KHQY1rg2M7gn4BAQE
X-IronPort-AV: E=Sophos;i="5.04,483,1406592000"; d="asc'?scan'208";a="164993342"
Received: from aer-iport-nat.cisco.com (HELO aer-core-1.cisco.com) ([173.38.203.22]) by aer-iport-4.cisco.com with ESMTP; 07 Sep 2014 17:03:47 +0000
Received: from [10.61.197.219] ([10.61.197.219]) by aer-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id s87H3lcc001426; Sun, 7 Sep 2014 17:03:47 GMT
Message-ID: <540C8FF1.80104@cisco.com>
Date: Sun, 07 Sep 2014 19:03:45 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: Dave Crocker <dcrocker@gmail.com>
References: <540AABF8.8000605@cisco.com> <540C5BE1.6010405@qti.qualcomm.com> <540C7399.3060901@cisco.com> <540C826B.9060408@gmail.com>
In-Reply-To: <540C826B.9060408@gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="nNAIL7xelVWQD8ljJALw58gDHd6CTUfaU"
Archived-At: http://mailarchive.ietf.org/arch/msg/endymail/MXaC8wbpJoDZpQgGyRLTzQMoFk0
Cc: endymail@ietf.org
Subject: Re: [Endymail] spam versus cleartext
X-BeenThere: endymail@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <endymail.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/endymail>, <mailto:endymail-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/endymail/>
List-Post: <mailto:endymail@ietf.org>
List-Help: <mailto:endymail-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/endymail>, <mailto:endymail-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Sep 2014 17:04:02 -0000

Hi,

>
> Eliot,
>
> I've no idea what characteristics of 'transactional mail' -- as compared
> with... personal mail, or ? -- worth distinguishing.  So while it's a
> category that is often interesting to distinguish in email security and
> abuse discussions, what do you have in mind here, exactly?

human to human versus other.

>
> MTA-to-MTA (or, rather, Boundary MTA to Boundary MTA) is almost
> certainly an interesting distinction from author to recipient. For
> example, that's why DKIM has succeeded at Internet scale, where PGP and
> S/MIME have not.

How blue sky do we want to be in this discussion?  If the answer is
"very", then we should even leave the above terminology aside – for the
moment.  But now that I see a large object headed straight toward me...
>
> But we need to be clear about what benefits it gets us and what it doesn't.

Yes.

>
> If, for example, one is worried about their email operator being
> compelled to produce keys for decrypting user mail...

As a very important example. 


Eliot

v2.8.7 | Report a Bug | By Email