Re: [ietf-smtp] why are we reinventing mta-sts ?

S Moonesamy <sm+ietf@elandsys.com> Tue, 08 October 2019 13:35 UTC

Message-Id: <6.2.5.6.2.20191008055223.0b9c78e8@elandnews.com>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Tue, 08 Oct 2019 06:35:24 -0700
To: Daniel Margolis <dmargolis=40google.com@dmarc.ietf.org>, ietf@ietf.org
From: S Moonesamy <sm+ietf@elandsys.com>
Subject: Re: [ietf-smtp] why are we reinventing mta-sts ?
In-Reply-To: <CANtKdUcmJDJMm0Vaet23pKBr=yL-jkWXhhr7NtwFvPiJgGwvig@mail.gmail.com>
References: <20191007002348.GA23742@x2.esmtp.org> <20191007015616.BE113BB3D68@ary.qy> <CANtKdUeC0NVfvVpbHtwd=OoO=BoT8KNWVx8BGF-GPZPU-zo6QA@mail.gmail.com> <CAOEezJTH4Jukz2J4jSDfixECg2Jyyk4+cDnasiAoa4Q2F9=ZZw@mail.gmail.com> <b0dae4ca6e95dc83ca70f71ad780a1432273bcf5.camel@aegee.org> <CAOEezJRXUZkPoJn_kV92q=OQoUs32VzTR5a0JeAKg6NYBW55=Q@mail.gmail.com> <19705.1570469430@turing-police> <f7b9f700-7303-449d-8212-147f29d0bdfd@www.fastmail.com> <CANtKdUcmJDJMm0Vaet23pKBr=yL-jkWXhhr7NtwFvPiJgGwvig@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/mHYqhhb9h80YlFwhgfhK9BQbIJM>

Hi Daniel,
At 01:04 PM 07-10-2019, Daniel Margolis wrote:
>I'm interested to hear more about those situations.
>
>It seems like the primary concerns with additional costs associated 
>with MTA-STS are
>
>* the cost of buying a CA-signed cert (but what about Let's Encrypt?)
>* the cost of hosting your own HTTP server if you are in a hosted environment
>* the cost of hosting an HTTP server if you are hosting your own MTA
>
>Depending on the level of automation, I think the extra effort 
>required by MTA-STS ranges from "none" to, unfortunately, "some." 
>But I don't fully understand the scenario where it's a significant 
>economic burden beyond the basic cost of hosting an MTA. Can someone 
>help explain this better?

The mail service depends on a DNS service and a web service.  The 
system requires two CA-signed certificates.  The person responsible 
for all that will have to assess the extra effort.

I came across the following thread: 
https://support.google.com/mail/thread/10350042  The people on this 
mailing list can probably sort out such issues.  Whether the audience 
out there can do that is an open question.

Regards,
S. Moonesamy
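As an added example (not code from this thread or from any MTA-STS implementation), here is what the two dependencies the reply points at look like in practice: the DNS TXT record and the HTTPS-served policy file from RFC 8461, parsed and checked against constructed sample values. The domain names, policy id and record contents below are made-up placeholders.

```python
# Constructed samples (no real domain): the _mta-sts.<domain> DNS TXT record and the
# policy body a sender fetches from https://mta-sts.<domain>/.well-known/mta-sts.txt
SAMPLE_TXT = "v=STSv1; id=20191008T133500Z"
SAMPLE_POLICY = """version: STSv1
mode: enforce
mx: mail.example.com
mx: *.example.net
max_age: 604800
"""

def parse_sts_txt(txt):
    """Parse the TXT record; return the policy id, or raise if it is not an STSv1 record."""
    fields = {}
    for part in txt.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            fields[key.strip()] = value.strip()
    if fields.get("v") != "STSv1" or not fields.get("id"):
        raise ValueError("not a valid STSv1 TXT record")
    return fields["id"]

def parse_policy(body):
    """Parse the policy file into a dict; 'mx' collects every mx pattern in order."""
    policy = {"mx": []}
    for line in body.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # blank or malformed line
        key, value = key.strip(), value.strip()
        if key == "mx":
            policy["mx"].append(value.lower())
        else:
            policy[key] = value
    if policy.get("version") != "STSv1" or policy.get("mode") not in ("enforce", "testing", "none"):
        raise ValueError("missing or invalid version/mode")
    policy["max_age"] = int(policy["max_age"])  # seconds; raises if absent or non-numeric
    return policy

def mx_matches(policy, mx_host):
    """'*' covers exactly one leftmost label (RFC 8461 s.4.1): not a.b.example.net, not example.net."""
    host = mx_host.lower().rstrip(".")
    for pattern in policy["mx"]:
        if pattern.startswith("*."):
            suffix = pattern[1:]  # ".example.net"
            head = host[: -len(suffix)] if host.endswith(suffix) else ""
            if head and "." not in head:
                return True
        elif host == pattern:
            return True
    return False
```

The MX name that passes `mx_matches` is also the name the MX's TLS certificate must be valid for, and the policy URL needs its own certificate for `mta-sts.<domain>`; those are the two CA-signed certificates the reply counts.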