Re: [mailop] Restricted email address UIDs for public email domains

2017-07-27 Thread Rich Kulawiec
On Wed, Jul 26, 2017 at 04:22:55PM -0700, Michael wrote: > You might be going too stringent in that case.. I don't think so. This would allow fred.amazon@ and things that meet those kinds of use cases, while disallowing amazon@ and amazon.com@. Note that I don't particularly like this -- years ag

Re: [mailop] self-signed cert for inbound TLS

2017-07-27 Thread Vittorio Bertola
> Il 26 luglio 2017 alle 19.10 Brandon Long ha scritto: > > Why can't smtp software being expected to maintain a list of trusted CAs? > Or at least run on an OS that is expected to do so. > There is a standard explanation (literally) in RFC 7672, section 1.3, and especially 1.3.4.: "Ev

Re: [mailop] self-signed cert for inbound TLS

2017-07-27 Thread Dave Warren
On Thu, Jul 27, 2017, at 09:05, Vittorio Bertola wrote: > >> Il 26 luglio 2017 alle 19.10 Brandon Long ha scritto:>> >> Why can't smtp software being expected to maintain a list of trusted CAs? >> Or at least run on an OS that is expected to do so.> There is a standard >> explanation (liter

Re: [mailop] self-signed cert for inbound TLS

2017-07-27 Thread Grant Taylor via mailop
On 07/27/2017 11:44 AM, Dave Warren wrote: I've never understood why this is a special challenge in the SMTP world, it's generally a solved problem for HTTPS, XMPP, and various other protocols. It's my understanding that the problem has to do with the (lack of) people involved in the transact

Re: [mailop] self-signed cert for inbound TLS

2017-07-27 Thread Phil Pennock
On 2017-07-25 at 22:10 -0400, Eric Tykwinski wrote: > Sorry, probably straying from the topic, but does anyone know any good SMTP > tests for DANE. > I’m using https://dane.sys4.de/ currently and it works, but I would like > something with some more details if possible. Self-pimping: https://

Re: [mailop] self-signed cert for inbound TLS

2017-07-27 Thread Brandon Long via mailop
On Thu, Jul 27, 2017 at 11:32 AM, Grant Taylor via mailop wrote: > On 07/27/2017 11:44 AM, Dave Warren wrote: > >> I've never understood why this is a special challenge in the SMTP world, >> it's generally a solved problem for HTTPS, XMPP, and various other >> protocols. >> > > It's my understand

Re: [mailop] self-signed cert for inbound TLS

2017-07-27 Thread Brandon Long via mailop
On Thu, Jul 27, 2017 at 9:05 AM, Vittorio Bertola < vittorio.bert...@open-xchange.com> wrote: > > Il 26 luglio 2017 alle 19.10 Brandon Long ha scritto: > > Why can't smtp software being expected to maintain a list of trusted CAs? > Or at least run on an OS that is expected to do so. > > There is