Currently this list discuss one of problems - validation of email author to
_possibly_ prevent spam/abuse.
But how about email privacy ?
Nobody at post-office allowed to read your regular (paper) mail.
But why all kinds of email filters constantly dig for keywords inside your
messages ?
Why nobody discuss email-encryption/signing solutions ?
If we will send each-other a gzip-compressed, encrypted and signed files -
this will definitely solve a lot of problems.
No worry about canocalization, no worry about prepended/appended content at old
non-compatible MTAs, no worry about your email read
by business competitors, no worry about email author, as well this can result
in email traffic decrease (useless feature nobody care
about ;-)
Each mail server can announce in DNS that it accept such a emails and decoding
will done at server-side or optionally if user really
need this - at end-user computer.
Everything will be transparent.
In contrast from SSL/TLS - this will be sender-receiver encryption, not a
hop-to-hop.
In contrast from user-level SMIME/PGP - this will offer some transparency for
users.
Offload key management and signing/decryption to email servers or email-proxies
(this is much easy compared to change all MUA
software).
What do you think about this ?
How about making content of all emails secure ?
--
Andriy G. Tereshchenko
Odessa, Ukraine