[arch-general] Suggestions for email for a paranoid Archer
Gaetan Bisson
bisson at archlinux.org
Sat Oct 13 21:10:06 EDT 2012
[2012-10-14 00:21:15 +0200] Menachem Moystoviz:
> On Fri, Oct 12, 2012 at 3:19 PM, Kevin Chadwick <ma1l1ists at yahoo.co.uk> wrote:
> > Sending to you directly as this mail was rejected by the list!!!
> That's a pity, this mail is informative, however the mods might
> disagree with the tone you used with respect to Yahoo and Microsoft.
The problem isn't Kevin's tone, it's that he never gives any single
reference to support his claims. He assumes people will just believe him
and gives them no means to search for more information.
> > That's debateable, DOS sure, but you have much greater control and speed
> > of access with a local mail server and past mail will still be
> > accessible during any attack.
> I wasn't referring to DOS/DDOS-style reliability. In my mind,
> reliability ~= uptime > 99.999%
> Of course, you're correct in noting that the fact that a VPS is, by
> definition, distant from me,
> means that in case of a network outage or DOS attack, email is
> inaccessible and therefore
> a server at home is better in this respect.
So to access your emails when your server is being DDOS'd, you need to
sit at home where you are virtually cut off from the Internet. Clearly,
in this respect, a VPS is much better as its connection will withstand
much larger DDOS attacks than your home DSL.
> > For other parts of the thread, it's worth noting that Google is the
> > only one of the largest three providers that offers encryption between
> > MTAs though it's SSL is also incompatible with some/possibly many
> > servers and falls back to plain text. You can only check that on your
> > own server of course.
> So basically, you're saying that when I send email through Google's SMTP
> services, they try their best to keep the connections secure? Shouldn't that
> be, you know, standard?
> >
> > The fact Yahoo and Microsoft offer ssl to pop clients without telling
> > them they don't offer SSL between MTAs for performance reasons is
> > actually quite disgusting.
> If this is true, then it is definitely an objectionable practice, and
> should be widely published.
I asked Kevin for references regarding his above claims of Google,
Microsoft, and Yahoo practices. He couldn't give me any. So you can
decide to believe him or not, that's about it. Your "If this is true"
really shows what the problem here is... This list should not be a
vector for unsupported claims.
--
Gaetan
More information about the arch-general
mailing list