In message <[EMAIL PROTECTED]>, bear writes: > >>But you should be sending mails via *your* SMTP server, and should be >>connecting to that SMTP server using SSL and authentication. Open relays >>encourage spam. People shouldn't be relaying mail via just any SMTP server. > >This is generally how I work it. I sit down at any hotspot and I >get network connectivity. But all the hotspot is ever going to see >of my browsing, email, and anything else I like to keep private is >SSH packets to my home machine, or encrypted X packets running >between the X server on my laptop and X clients on my home machine. > >A bit of lag is acceptable. Sending private mail via untrusted >SMTP servers is not.
That isn't Carl's point. He may very well be using a trustworthy SMTP server, via a secure tunnel. The issue is whether he has to use a server owned by the owner of his return address. I use a variety of email addresses, for various reasons. I have my usual work account, some university accounts, a few personal accounts, one I reserve for EBay use, etc. I also use several different SMTP servers to send my email. I *always* have a secure tunnel set up; in fact, Postfix on my laptop is hard-wired to send to port 20025 on 127.0.0.1. Of course, where that ends up will vary, but it's not in a one-to-one correspondence with the sending address I use. The Yahoo scheme would apparently require that each email I send be routed via the domain owner's SMTP server. --Steve Bellovin, http://www.research.att.com/~smb --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]