Subject: Re: pop-before-smtp (was Re: FreeInet and checking mail?)
From: Brad Knowles (blkskynet.be)
Date: Sun Jun 04 2000 - 17:04:58 CDT


At 9:36 PM -0400 2000/6/2, Greg A. Woods wrote:

> In fact I'm pretty sure that SMTP is the *wrong* protocol for end users
> (err, rather their MUA clients) to be submitting e-mail with in the
> first place.

        There are submission protocols that have been agreed upon and
implemented, and I believe that they require an authenticated (and
optionally encrypted) channel.

> This is a job for either a POP or IMAP extension (some
> examples of which already exist), or perhaps for LMTP if for some reason
> you really detest reusing the already authenticated POP/IMAP session for
> that purpose.

        No. POP & IMAP extensions are the wrong way to go. I don't want
my POP/IMAP server to have to also handle mail message submissions by
users. That simply doesn't scale when you talk about millions of
users. I want a totally separate submission handling system.

> Indeed, any submission protocol should travel over a secure transport.

        Ideally, yes. However, I believe that we can only support secure
transports as an optional alternative. Authentication is clearly a
requirement, but I don't think we can make an encrypted channel a
requirement.

> The real problem these days is that certain vendors seem to have a hold
> on the vast majority of the market share for MUAs and it's become
> increasingly difficult to convince these vendors to implement sane and
> truly interoperable protocols (just about as hard as it seems to be to
> convince them to put security *first*!).

        In the case of the one vendor I believe you are speaking about,
they believe that it is in their best interest to ensure that their
clients are inherently *incompatible* with everything else, thus
locking everyone exclusively into their programs. We need to
permanently disabuse them of this notion.

--
   These are my opinions -- not to be taken as official Skynet policy
======================================================================
Brad Knowles, <blkskynet.be>                || Belgacom Skynet SA/NV
Systems Architect, Mail/News/FTP/Proxy Admin || Rue Colonel Bourg, 124
Phone/Fax: +32-2-706.13.11/12.49             || B-1140 Brussels
http://www.skynet.be                         || Belgium