Re: [ietf-smtp] How to encrypt SMTP?

Keith Moore <moore@network-heretics.com> Sun, 27 October 2019 01:22 UTC

Return-Path: <moore@network-heretics.com>
X-Original-To: ietf-smtp@ietfa.amsl.com
Delivered-To: ietf-smtp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9094B120048 for <ietf-smtp@ietfa.amsl.com>; Sat, 26 Oct 2019 18:22:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6DToTC7YKRJJ for <ietf-smtp@ietfa.amsl.com>; Sat, 26 Oct 2019 18:22:54 -0700 (PDT)
Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 381E4120043 for <ietf-smtp@ietf.org>; Sat, 26 Oct 2019 18:22:54 -0700 (PDT)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 6C2BD2FB; Sat, 26 Oct 2019 21:22:53 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute6.internal (MEProxy); Sat, 26 Oct 2019 21:22:53 -0400
Received: from [192.168.1.97] (108-221-180-15.lightspeed.knvltn.sbcglobal.net [108.221.180.15]) by mail.messagingengine.com (Postfix) with ESMTPA id 8721CD60057; Sat, 26 Oct 2019 21:22:52 -0400 (EDT)
To: Valdis Klētnieks <valdis.kletnieks@vt.edu>
Cc: ietf-smtp@ietf.org
References: <20191027002554.260ABD7437F@ary.qy> <344aaf1f-df91-ffb9-38bc-527d159a2ca6@network-heretics.com> <alpine.OSX.2.21.99999.368.1910262041440.10592@ary.qy> <ee3b3211-a0be-b6f3-b551-0027fcea63c4@network-heretics.com> <162361.1572138796@turing-police>
From: Keith Moore <moore@network-heretics.com>
Message-ID: <6365e3e9-5d80-5944-b587-2e9c15c0a4f9@network-heretics.com>
Date: Sat, 26 Oct 2019 21:22:51 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0
MIME-Version: 1.0
In-Reply-To: <162361.1572138796@turing-police>
Content-Type: multipart/alternative; boundary="------------5CA74522CC7C2542C8E1ECF9"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/Sz-hvTimkMS6E5fYo2zkSfcTLA0>
Subject: Re: [ietf-smtp] How to encrypt SMTP?
X-BeenThere: ietf-smtp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <ietf-smtp.ietf.org>
X-List-Received-Date: Sun, 27 Oct 2019 01:22:56 -0000

On 10/26/19 9:13 PM, Valdis Klētnieks wrote:
> On Sat, 26 Oct 2019 21:02:55 -0400, Keith Moore said:
>
>> between administrative domains wouldn't look like a huge change.  Maybe
>> it would even be justified as a spam deterrent.
> I wonder what percent of spammers would have any problems and if any spam
> would actually be blocked.  They were on the bleeding edge of adopting SPF and
> similar, after all.

Note I did say maybe such a practice would be /justified/ as a spam
deterrent.  Many things that have been justified in that way don't
actually serve that purpose in practice.  From one perspective, the
greatest effect of spam filtering has been to make Internet email
unreliable for general use.

But overall I'm a lot more interested in having email universally
encrypted than I am in having yet another half-baked spam deterrent.
But if that's what it takes to get people to do it, it might be a good
thing.

>> Not sure I get the analogy.  AFAIK if Google signed their domains, the
>> only things that would break would be broken DNS clients/resolvers doing
>> verification, which would hopefully be few in number.
> On my more cynical days, I contemplate whether breaking such clients is the
> fastest way to get them fixed.....

It's not like we've never seen cases where breakage helped to fix things.

Keith