> On 11 May 2016, at 06:37, John R Levine <[email protected]> wrote: > >> Ask you the package maintainer of your favourite distro to update in time. > > Distro? Largish mail systems tend to use commercial software, which updates > when it updates. You mght want to talk to the people who maintain Port25 and > Communigate and MDaemon and MS Exchange and see what their schedules look > like.
I figure GMail and Yahoo run their own implementation, whereas large ESPs I've seen do indeed run open-source products on commodity hardware. FYI: My background includes large-scale WebOps, mail service providers and HPC engineering. I think I still have a Port25 shirt somewhere, these folks where rather reasonable, and I think they would not mind to add more security to their (quite excellent) product. >> DNS isn't MITM safe. DNSSEC non-existent. Also: I'd rather not see hacked-up >> cronjobs but proper implementations. > > Yes, we know. But, oddly, people send around gazillions of DMARC reports by > e-mail every day and it appears that the vast majority of them get to the > right place. Because nobody cares to MITM DMARC reports, at least I wouldn't. Aaron
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
