ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Asrg] Horses

2009-06-22 14:04:47
from [Gordon Peterson] [Permanent Link] 
> It's been best practice for a decade to use SUBMIT or a tunnel back to
your own host to send mail.  These days it's just laziness to do
anything else.  As someone else asked a few minutes ago, are there any
significant mail systems that still don't provide SUBMIT?
Yes... basically ALL of those which allow you to send e-mails though an e-mail kiosk-type service, such as you find at airport waiting lounges, cruise ship and other public-access Internet cafes, (including Internet mail public-access systems you find at public libraries, Chinese post offices, etc. etc., where you do not get to use your own computer, and basically are limited to entering your return e-mail address, the destination e-mail address, the subject, and your mail message.) 

>>>E-mail coming from unfamiliar correspondents can be held to a (even much)
> >higher-than-usual standard regarding the ground rules for what is
> >acceptable and what is not.

> Yes, that's why we've been working on mail authentication a la DKIM for
The point being that Aunt Martha's machine can be compromised, such that even with her own IP, her habitual outgoing mail server, and her valid credentials, it might still be shipping spam. It's not enough that it LOOKS like (or even IS) coming from her... just as it's not enough to see that mail has your friend's return E-mail address if it's actually Grouply spam. It's far better to see whether the incoming e-mail with Martha's return address has all the typical things that Aunt Martha's mail messages ACTUALLY HAVE (for example, does it use the 'stationery' that she maybe 'always' uses?) Again, this is analogous to what humans actually do when considering a suspect incoming e-mail message... does it look the way you'd expect mail FROM THAT SENDER to actually look? What yellow or red flags is it flying? This requires looking at the content, too. 

--

Gordon Peterson II
http://personal.terabites.com
1977-2007:  Thirty year anniversary of local area networking
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] "Affiliation", John Leslie
Next by Date:  Re: [Asrg] What are the IPs that sends mail for a domain?, Douglas Otis
Previous by Thread:  [Asrg] MUA as MSA or MTA (was Re: What are the IPs that sends mail for a domain?), J.D. Falk
Next by Thread:  Re: [Asrg] Horses, Ian Eiloart
Indexes:  [Date] [Thread] [Top] [All Lists]