On Sat, Dec 1, 2018 at 7:01 AM Jeremy Stanley wrote:
> Compromise of the cryptographic keys or primitives in use,
> compromise of the authorized MTAs, compromise of the sender's
> SMTP submission account, compromise of the sender's MUA/system, and
> biggest of all of course is recipients who don't validate SPF/DKIM.

Good points. I've experienced spammers brute-forcing SMTP submission credentials and using that to send spam before, so I think that mitigating that using client-side TLS certs should be required, just as we do for SSH access to Debian machines. I'm not sure how many MUAs support that, but MTAs do, so using a local MTA to forward messages could be a reasonablish workaround.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise