Re: [exim] support for domainkeys

Top Page
Delete this message
Reply to this message
Author: David Woodhouse
Date:  
To: Johannes M. Posel
CC: David Woodhouse
Subject: Re: [exim] support for domainkeys
On Fri, 2004-09-24 at 23:13 +0200, Johannes M. Posel wrote:
> What happens if Yahoo, AOL, GMail or GMX don't allow the use of
> self-signed certs?


The same thing that happens if they suddenly decided to disallow the use
of localparts ending in numbers.... they lose valid mail.

Quite what would possess them to disallow the use of self-signed certs,
while simultaneously allowing non-TLS connections, I cannot imagine.

> What prevents a spammer from using a self-signed cert? Or what
> prevents him from always regenerating new certs?


Nothing prevents these, just as nothing prevents him from continually
registering new domains.

If the turnover is _really_ higher we could perhaps tie certs to domains
by abusing TXT records like SPF does.

--
dwmw2