On Mon, Jan 3, 2022 at 2:46 PM John Levine <johnl@xxxxxxxxx> wrote:
It appears that Phillip Hallam-Baker <phill@xxxxxxxxxxxxxxx> said:
>The big benefit of moving to a separate infrastructure in which every
>message is authenticated and subject to access control with a default deny
>posture is we can leave the SMTP anti-spam heuristics behind.
Well, for about 15 minutes until we are reminded the hard way that
"authenticated" is not a synonym for "not spam". Spammers are if
anything better at DMARC, DKIM, et al., than legit senders.
'If there is value to be had, bad folk[0] will find a way to exploit it'
Also, as I have said a few times before, any walled garden big enough
to be interesting is big enough to have people you don't want to hear
from, even if the people are authenticated. The ur example is Facebook.
a bunch of the conversation about this seems a whole lot like 'tilting at windmills'.
The fact that 'encrypted email, end-to-end, has effectively 0% market share' really
says a lot about it as a product.
Perhaps, along with Patrik's note about: "Define which layer you are trying to secure"
a clear and concise requirements list would help the discussion along. Also, a reminder
that as you add difficulty to the traffic interception world you move the attack target up
the stack.. Now your dissidents (or enterprise users) are targeted not through their
network traffic, but through the applications they use, which aid in exploitation and
intelligence gathering at the endpoint. (substitute 'intelligence gathering' with 'making
crypto-miner-bots' or whatever the current fashion of the day is)
0: define as you may