[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Why don't gnu.org and RMS sign mail?
From: |
Dmitry Alexandrov |
Subject: |
Re: Why don't gnu.org and RMS sign mail? |
Date: |
Sun, 10 Nov 2019 04:49:27 +0300 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
Alexandre François Garreau <address@hidden> wrote:
> Le samedi 9 novembre 2019 23:32:59 CET, vous avez écrit :
>> Alexandre François Garreau <address@hidden> wrote:
>> > Le samedi 9 novembre 2019, 21:44:46 CET Dmitry Alexandrov a écrit :
>> >> In the light of yet another letter from your impostor, do you have any
>> >> more unresolved questions, that impede you from starting to sign mail?
>> >> Feel free to ask them.
>> > Note signing can be avoided with effective spf policy.
>>
>> No, it can not. SPF has nothing to do with message headers. Itʼs an
>> antispam measure, that can help to detect fakes when one tries to fake a
>> domain name of his _SMTP-server_ (e. g. claim that his 89.184.73.65 is not
>> nvs406.mirohost.net but fencepost.gnu.org), but our impostor have not
>> bothered to do it.
>
> It is both meant to authentify IP adresses and domains. So
> nvs406.mirohost.net instead of fencepost.gnu.org stays invalid as of strict
> SPF policy (if DMARC asks to enforce it).
Ah, so itʼs not SPF-only but DMARC/SPF. Then yes, of course. But...
>> GPG can be avoided by choosing DKIM instead (+ optionally a DMARC policy),
>> but this _is_ a cryptographic signature.
>
> That’s why I didn’t talk about it.
...unfortunately, strict DMARC that relies only on SPF without DKIM is nearly
unusable for anyone who wants to use mailing lists: remailed message is no
longer originated from, say, fencepost.gnu.org but from a listserver, and
signature that could be used to prove the authenticity in the other way, is
absent.
signature.asc
Description: PGP signature
- Re: Why donÊüt gnu.org and RMS sign mail?, (continued)
- Re: Why donÊüt gnu.org and RMS sign mail?, Richard Stallman, 2019/11/01
- Re: Why don�Š�¼t gnu.org and RMS sign mail?, Jean Louis, 2019/11/01
- Re: Why donʼt gnu.org and RMS sign mail?, Dmitry Alexandrov, 2019/11/02
- Re: Why donÃÆÃ
 Ãâüt gnu.org and RMS sign mail?, Richard Stallman, 2019/11/03
- Re: Why donʼt gnu.org and RMS sign mail?, Dmitry Alexandrov, 2019/11/03
- Re: Why don't gnu.org and RMS sign mail?, Dmitry Alexandrov, 2019/11/09
- Re: Why don't gnu.org and RMS sign mail?, Alexandre François Garreau, 2019/11/09
- Re: Why don't gnu.org and RMS sign mail?, Dmitry Alexandrov, 2019/11/09
- Re: Why don't gnu.org and RMS sign mail?, Alexandre François Garreau, 2019/11/09
- Re: Why don't gnu.org and RMS sign mail?,
Dmitry Alexandrov <=
- Re: Why don't gnu.org and RMS sign mail?, Richard Stallman, 2019/11/10