02 07 | 2014

PayPal cut a secure email project's funds

Written by Tanguy

Classified in : Homepage, Debian, Miscellaneous, Grumble

It should be no news that PayPal have made an habit of opposing to projects that fight for the respect of freedom and democracy by cutting their funds. Anyway, they have just provided us another example of such an abuse, against the ProtonMail project.

Read more PayPal cut a secure email project's funds

08 04 | 2014

Disable your spammed addresses with Postfix

Written by Tanguy

Classified in : Homepage, Debian, Command line, To remember

Using address extension

Postfix (and many other mail servers) offers one nice address extension feature: addresses like <user+whaterver@> are implicit aliases to <user@>. This allows users to implement a simple measure to fight spam:

  1. when SomeCompany® or whatever asks for your email address, give them <user+somecompany@>;
  2. if you start receiving spam at that address, you know who sold or was stolen your address;
  3. finally, you will be able to disable that address so messages are simply refused with a permanent error code.

Read more Disable your spammed addresses with Postfix

17 09 | 2013

Google, your IPv6-related email restrictions suck

Written by Tanguy

Classified in : Homepage, Debian, Grumble

After years of waiting, Google has finally enabled IPv6 for their email service Gmail. And a few weeks ago, they updated their policy, adding one specific rule: reject email from IP addresses with no reverse name:

% nc -Cv gmail-smtp-in.l.google.com. smtp
Connection to gmail-smtp-in.l.google.com. 25 port [tcp/smtp] succeeded!
220 mx.google.com ESMTP bz2si13656083wjc.108 - gsmtp
HELO boo.example.com
250 mx.google.com at your service
MAIL FROM: <me@example.com>
250 2.1.0 OK bz2si13656083wjc.108 - gsmtp
RCPT TO: <you@gmail.com>
250 2.1.5 OK bz2si13656083wjc.108 - gsmtp
DATA
354  Go ahead bz2si13656083wjc.108 - gsmtp
Subject: Test
From: Me <me@example.com>
To: You <you@gmail.com>

Test.
.
550-5.7.1 [2001:db8:8e3f:43c7::12      16] Our system has detected that this
550-5.7.1 message does not meet IPv6 sending guidelines regarding PTR records
550-5.7.1 and authentication. Please review
550-5.7.1 https://support.google.com/mail/?p=ipv6_authentication_error for more
550 5.7.1 information. bz2si13656083wjc.108 - gsmtp

Read more Google, your IPv6-related email restrictions suck

07 06 | 2013

Looking for an SPF milter

Written by Tanguy

Classified in : Homepage, Debian, Lazyweb

Envelope

For email extensions such as SPF, DKIM and DMARC, I think the most flexible and portable system is the milter protocol. Originally developed for Sendmail, it is now also supported by Postfix, and it allows to “plug” specific filters in the mail server without the hassle of the previous systems like SMTP proxies.

Read more Looking for an SPF milter

18 10 | 2012

An email header field to indicate you would like encrypted replies

Written by Tanguy

Classified in : Homepage, Debian

A letter with a wax seal

As you may know, when Phil Zimmermann published PGP, his goal was to counter the wide spying possibilities the development of electronic communications offered to the authorities, by promoting the general use of encryption so that 1. governments would not be able to restrict it afterwards and 2. it becomes possible to encrypt messages for privacy without drawing suspicion.

Now, cryptography has made its way and is widely use, but mostly for commercial website and only sparsely for mail. Indeed, contrary to signing, encrypting a message requires that the recipient has a crypto key and is able and willing to use it to decrypt your message.

To alleviate this problem, I thought that it would be useful to have a way, when sending a message, to tell your recipients that you would like that they encrypt their answers, because you are able and willing to get encrypted mail. I think the most relevant way to do that would be by adding a dedicated header field:

In that header, one would be able to indicate what protocols he accepts. I suggest a comma-separated list, with the following possible values: PGP (or PGP/MIME and PGP/traditional for people that only accept one of these two PGP formats), S/MIME. For instance:

It may be useful to be able to indicate that you either always wish your messages to be encrypted, or that it is only for this message's replies. If this is really relevant, it would take two distinct headers: and .

Any thought about that proposal? Next thing to do, determine how to have that standardized at IANA and how to promote it.

page 1 of 2 next

Archives