----- Original Message ----- From: "Steven M. Bellovin" <[EMAIL PROTECTED]>
> I use a variety of email addresses, for various reasons. I have my > usual work account, some university accounts, a few personal accounts, > one I reserve for EBay use, etc. I also use several different SMTP > servers to send my email. I *always* have a secure tunnel set up; in > fact, Postfix on my laptop is hard-wired to send to port 20025 on > 127.0.0.1. Of course, where that ends up will vary, but it's not in a > one-to-one correspondence with the sending address I use. The Yahoo > scheme would apparently require that each email I send be routed via > the domain owner's SMTP server. So I`m guessing you have all your emails forwarded to one mail account and fetch them all from there, and when you reply or send a new email you just use one of your SMTP servers, which doesn't necessarily correspond to the incoming (POP or IMAP or whatever) server you received the mail from. Is that correct? In that case I guess it becomes problematic. If you just receive your mail from one incoming server I don't see a problem of having your mail be sent via the SMTP on same machine where your incoming mail server resides. If the signature just certified that the mail was relayed via an SMTP server where the user authenticated himself I think that would be a good idea (SMTP server that necessarily on the same machine than the incoming mail server). Than at least you would know that the email you received was send by someone who authenticated himself to some SMTP server, and not just someone that sent the email via an open relay. If you want something better it seems that it requires the sender to have possession of his private signature key and sign the emails he sends, but that's not a user-friendly solution and I think we all agree that it won't work in practice (not transparent enough...) --Anton --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
