Re: [exim] support for domainkeys

Startseite
Nachricht löschen
Nachricht beantworten
Autor: David Woodhouse
Datum:  
To: Johannes M. Posel
CC: David Woodhouse
Betreff: Re: [exim] support for domainkeys
On Fri, 2004-09-24 at 23:13 +0200, Johannes M. Posel wrote:
> What happens if Yahoo, AOL, GMail or GMX don't allow the use of
> self-signed certs?


The same thing that happens if they suddenly decided to disallow the use
of localparts ending in numbers.... they lose valid mail.

Quite what would possess them to disallow the use of self-signed certs,
while simultaneously allowing non-TLS connections, I cannot imagine.

> What prevents a spammer from using a self-signed cert? Or what
> prevents him from always regenerating new certs?


Nothing prevents these, just as nothing prevents him from continually
registering new domains.

If the turnover is _really_ higher we could perhaps tie certs to domains
by abusing TXT records like SPF does.

--
dwmw2