Re: [perpass] SMTP and SRV records

Ted Hardie <ted.ietf@gmail.com> Tue, 24 November 2015 22:41 UTC

In-Reply-To: <1448403824760-dbe4ee86-e05e8503-58e2c4c8@fugue.com>
References: <20151124201103.GA9353@cowbell.employees.org> <5654D5AF.50700@cisco.com> <1448403824760-dbe4ee86-e05e8503-58e2c4c8@fugue.com>
Date: Tue, 24 Nov 2015 14:41:06 -0800
Message-ID: <CA+9kkMCxEpE99R7Sf9Wv=tx76JhXVgbxwya3kUN+H_5s6L7xFw@mail.gmail.com>
From: Ted Hardie <ted.ietf@gmail.com>
To: Ted Lemon <mellon@fugue.com>
Content-Type: multipart/alternative; boundary="001a113a6e8e8ef29e052551090e"
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/JAHln5CO0ZcKO5BsUWucOaxoxPY>
Cc: "<perpass@ietf.org>" <perpass@ietf.org>, Eliot Lear <lear@cisco.com>
Subject: Re: [perpass] SMTP and SRV records

On Tue, Nov 24, 2015 at 2:23 PM, Ted Lemon <mellon@fugue.com> wrote:

> Tuesday, Nov 24, 2015 4:25 PM Eliot Lear wrote:
> > What benefit would this add to the average user?
>
> It's the germ of an interesting idea.   The theory would be that a sniffer
> at the backbone would have to listen to all traffic, not just traffic on
> port 25.


I don't think that's quite right.  A port-specific sniffer would have to
know what SMTP port was correct for a specific domain.  Depending on the
TTL of the record, that might turn into a table lookup for setting the
sniffers rather than listening to all traffic.

That said, I rather suspect that listening to all traffic is pretty much in
the program of most signals intelligence agencies anyway, because the
ephemeral ports can be used by VoIP and other media traffic. DPI on that
would tell you which ones were SMTP and which others pretty rapidly.

> However, it's not as good as SMTP+TLS, and has the same adoption problem,
> plus SMTP+TLS has a _big_ head start, so it's probably better to
> concentrate our efforts on making that work even better.
>
>
Yes, focusing on getting encryption underneath it seems like a better use
of energy; at most, port shifting is minor security through obscurity, and
that doesn't tend to give you a lot of bang for your buck.

Just my two cents,

Ted
