IETF Logo Mail Archive

Re: [ietf-smtp] epostage is still a bad idea, the inedible parts of IETF dogfood consumption - SMTP version

Phillip Hallam-Baker <phill@hallambaker.com> Thu, 19 December 2019 22:55 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6924120048 for <ietf@ietfa.amsl.com>; Thu, 19 Dec 2019 14:55:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.396
X-Spam-Level:
X-Spam-Status: No, score=-1.396 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ibkbRUB0x7XD for <ietf@ietfa.amsl.com>; Thu, 19 Dec 2019 14:55:18 -0800 (PST)
Received: from mail-ot1-f42.google.com (mail-ot1-f42.google.com [209.85.210.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5585B12001A for <ietf@ietf.org>; Thu, 19 Dec 2019 14:55:18 -0800 (PST)
Received: by mail-ot1-f42.google.com with SMTP id a15so9239286otf.1 for <ietf@ietf.org>; Thu, 19 Dec 2019 14:55:18 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ChQ8bjvhu2m2TgBEnrzQKhhfivLy1P91/vDZHzEsQ6E=; b=BK5ttERQTomcFvhbVU7SOxMQ+9gSFs2kUt5Qvw2aE2HEvmnkBJuqkuX/MEUL0yLSYX Lu8QB7wBzliA20/ApJG4viZLmKbdCQ413MvyNO7UH+/+QGfEqGJa+df/E/jReY8ir3JT Tg7sLezX4a6AmXU9JbQ1JJ1tsdfDGJ/9JIL3VNFyxWOargz4vaZVOP8/hI4+4RQUtD/9 hbuq4jHSzykf73eUZtEnJEltXpP/Ncsum10rIwcngHR+0WZmlBv2sxSz9SWUrwgwvJUp YPQWWdGe55wfU/3OpmD14aFPD+faDYbGYaIS/+rsWyQvcNne/dxJYzCKqnG/qJxGk0S3 ZnPQ==
X-Gm-Message-State: APjAAAUpjWa8TZSGpY9tJw30dQxpKSZVVzVy3ai+Pp31g0sOrhRxgLIC XJzCwaoUq/O5FKOWRbkFeWxAYGFaoS/1aPf+Nqg=
X-Google-Smtp-Source: APXvYqz1EtB4cFcjbxqQXc8vfcrgsZ/2OgQInCnoDW1Aqn7rCOyQ3XaxcLPK5n8ByzC9Pb06aT2kwzb9XNwE/r/bK/Y=
X-Received: by 2002:a05:6830:2154:: with SMTP id r20mr11483961otd.66.1576796117560; Thu, 19 Dec 2019 14:55:17 -0800 (PST)
MIME-Version: 1.0
References: <20191218020726.4FA601178860@ary.qy> <aacdb008-a894-d116-d0ee-afb5bfa36477@network-heretics.com> <CAKr6gn0JYfziVEyL1mH-WZxyy7tFct77jafjbh2fVGU4CPysQA@mail.gmail.com> <alpine.OSX.2.21.99999.374.1912180916250.77074@ary.qy> <CAMm+Lwg7brq8jb6JZHVuJiAzM4CoJWBMRDf3Q2dnnOzd5KNA-A@mail.gmail.com> <CABa8R6u_xwDH+40eFjg7-pXgW7W1f_2gfNN5f7mfTkVCkKbNYQ@mail.gmail.com>
In-Reply-To: <CABa8R6u_xwDH+40eFjg7-pXgW7W1f_2gfNN5f7mfTkVCkKbNYQ@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Thu, 19 Dec 2019 17:55:06 -0500
Message-ID: <CAMm+LwjNswRu735ox1EY9ps1bkyQFB=BBBr_+BFx-hme1gecGA@mail.gmail.com>
Subject: Re: [ietf-smtp] epostage is still a bad idea, the inedible parts of IETF dogfood consumption - SMTP version
To: Brandon Long <blong@google.com>
Cc: John R Levine <johnl@taugh.com>, IETF Discussion Mailing List <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000078740d059a1674a3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/r4lfsox3axl04sEXyMYgT8BvnDE>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Dec 2019 22:55:20 -0000

On Thu, Dec 19, 2019 at 3:52 PM Brandon Long <blong@google.com> wrote:

>
>
> On Wed, Dec 18, 2019 at 11:12 AM Phillip Hallam-Baker <
> phill@hallambaker.com> wrote:
>
>> If we knew how to deploy such a radical change as sender pays, we would
>> surely also know how to do the much easier task of replacing SMTP with a
>> protocol that is secure by default.
>>
>> * Every message is signed by the sending client.
>> * Every message is signed by the originating mail service.
>> * Every mail receiving service performs access control on inbound messages
>> * Every mail client performs access control on messages
>>
>> Messaging abuse isn't entirely absent on Facebook, Skype, Signal, etc.
>> but it is virtually non-existent compared to telephone and email. We are
>> rapidly reaching the point where a large number of customers are going to
>> start unplugging from POTS and only use it for voice mail because the level
>> of abuse is utterly insane.
>>
>> Subjecting every message to access control is pretty straightforward when
>> you can start with the principle that every message is authenticated by the
>> sender. Defining a set of access control rules that work for me is pretty
>> straightforward.
>>
>> 1) I will accept a contact request of 200 characters or less from anyone
>>
>> 2) I will accept requests from anyone in my contact book that are
>> compatible with the authorizations specified there (e.g. Alice can send me
>> mail or voice, Bob only voice, Carol can send me code, etc).
>>
>> 3) I will accept messages from anyone who has attended an IETF meeting or
>> is a member of an an affinity group I am a member of (school, university,
>> etc. etc.)
>>
>> 4) Reject everything else
>>
>> Trying to shoehorn this into the legacy SMTP environment is tough because
>> the default is insecure. But there are plenty of closed environments that
>> don't use SMTP which could switch to another messaging protocol.
>>
>> While I was writing this, I was interrupted by the Nest telling me
>> something I didn't need to know. There is also a 'secure' messaging center
>> on the Nest site and I have the same for each of my banks, brokers, etc.
>> Wouldn't it be nice if all of those could send me messages using a protocol
>> they know is secure and meets their HIPPA, GDPR, MMQF, etc. requirements?
>>
>
> The challenge with the secure messaging systems is only partially due to
> transit concerns, they also want to be in the loop for the ACL to view the
> message and control the lifecycle of the message as well.
>

Oh don't tempt me, I would love to be able to add Micali Fair Contracts to
my code...

v2.23.0 | Report a Bug | By Email