On Sat, 17 Nov 2012 20:55:07 +0100 Andreas Krey <a.krey@xxxxxx> wrote: > Actually, that's the line I wouldn't cross. It would mean that my > mails may get offered to other servers... (however slim the chance > that there is one.) Yes, there is that possibility. Which comes back to the bit about it being inherently insecure. Even without a dynamic IP involved, a misconfiguration of someone else's relay could mean your mail being offered to practically anyone, in the clear. > > Here, DSL > > providers typically offer no SLA at all, certainly on residential > > lines. So even if you only get a three nines promise on your colo, > > you're winning. > > The colo may promise, but a promise is only something you can show > your boss if it is broken. :-) In this screwed up and illogical world, money talks. I'll take written in the contract (and therefore enforceable in court) over no promise at all. But that's just my line of reasoning. I never was much good at capitalism. > Oh, that would just saturate my DSL, not my server. :-) So far I only > had the annoying many-usernames attempts on ssl. Well, I wouldn't particularly want my DSL saturated either :) > Yes, but as I said the other server is under (indirect) control of the > mail author. If my DSL fails for a day, and the sender's server throws > it away, I will point at the auther and suggest to use a less crappy > server. It's easy enough to think of a situation where there's a third party involved, e.g. if you have to use a particular address for work purposes, and instead of providing you a POP box they redirect (forward) it to your personal email (because employers can be awkward like that). In this case, it's not the sender's fault, and you're not in a position to fix it either. > > > > > [Actually, the server whose obligation to queue in case my MX is > > > down is being paid for by the person sending the mail.] > > > > How long do you think they're obliged to queue it for? Eternity? > > Seven days (as sendmail does per default)? Send back a notification > after four hours of unsuccess and a final failure notice after a > few days. (Optionally different behaviour for many mails in the > same direction.) > > > There's a dead simple DoS straight away. Sooner or later it'll be > > dropped or bounced. > > Or no longer accepted. Keep in mind that this is the sender's mail > server which shouldn't be accepting mails from everyone anyway. And there's that can of worms again. The road to hell is paved with misconfigured servers... > If the server isn't at home, you need either webmail or a way to get > it home. Indeed. I prefer IMAP over SSL but it's a matter of taste/priorities. Providing a webmail interface gives a lower bar to entry, but makes using GPG a bit of a faff. Julian -- 3072D/F3A66B3A Julian Yon (2012 General Use) <pgp.2012@xxxxxx>
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk