On 2025-10-19 at 06:57:53 UTC-0400 (Sun, 19 Oct 2025 12:57:53 +0200)
Alessandro Vesely via mailop <[email protected]>
is rumored to have said:
On Sun 19/Oct/2025 03:22:00 +0200 Viktor Dukhovni via mailop wrote:
On Sat, Oct 18, 2025 at 06:14:03PM +0100, Andrew C Aitchison via
mailop wrote:
How much trust should we put in the not-before date of a self-signed
certificate ?
None. For reputation based on how long a client domain has been
around, one would need to maintain a history of client connections,
and assign a small positive score to clients that have been
connecting for months or years, and have managed to stay clean. A
reputation service may be able to curate this sort of data.
Hm... certificates are real, reputation services are not: When I
enter my server's IP into TrendMicro's "reputation service"[*] it says
it doesn't exist. Yet, it has a Letsencrypt certificate. Ditto for
mailop's MX.
It at least admits my IP range exists, but it's all in their DUL, which
is wrong and has been wrong for a dozen years. I've never had reason to
care.
All that says is that TrendMicro bought the MAPS assets and let them
rot. It does not speak to reputation services in general.
--
Bill Cole
[email protected] or [email protected]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
