| Da: |
"Peter Moylan" <ecs-isp@2rosenthals.com> |
Intestazioni complete
Messaggio non codificato |
| Oggetto: |
Re: [eCS-ISP] Re[2]: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime |
| Data: |
Tue, 26 May 2026 10:45:52 +1000 |
| A: |
eCS ISP Mailing List <ecs-isp@2rosenthals.com> |
|
|---|
On 26/05/26 03:40, Massimo S. wrote:
This stuff (40 days certificate lifetime), like other idiocies i
believe are methods built by large companies to discourage the birth
of new small businesses in the sector, or to kick out the smaller
ones already there.
I completely agree. Putting certificates aside for the moment, I notice
this particularly in the case of SPF and DKIM for e-mail. As an
anti-scammer and anti-spammer measure, they are completely useless. The
scammers and spammers almost invariably create correct SPF and DKIM
headers. On the other hand, some legitimate senders get it wrong.
I once thought I had a good test for blocking unwanted mail. I started
checking whether the sending server had a "postmaster" address.
(Standards-compliant mail servers must always have a postmaster
account.) I had to stop this because too many "legitimate" senders were
failing this test.
The big operators are guilty of introducing lots of "security" measures
without stopping to think whether they will have any effect on security.
--
Peter Moylan peter@pmoylan.org
http://www.pmoylan.org
|