| Da: |
"Massimo S." <ecs-isp@2rosenthals.com> |
Intestazioni complete
Messaggio non codificato |
| Oggetto: |
Re: [eCS-ISP] Re[2]: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime |
| Data: |
Tue, 26 May 2026 12:03:48 +0200 |
| A: |
eCS ISP Mailing List <ecs-isp@2rosenthals.com> |
|
|---|
Il 26/05/2026 02:45, Peter Moylan ha scritto:
On 26/05/26 03:40, Massimo S. wrote:
This stuff (40 days certificate lifetime), like other idiocies i
believe are methods built by large companies to discourage the birth
of new small businesses in the sector, or to kick out the smaller
ones already there.
I completely agree. Putting certificates aside for the moment, I notice
this particularly in the case of SPF and DKIM for e-mail. As an
anti-scammer and anti-spammer measure, they are completely useless.
Completely not, but they are rarely useful.
SPF have complicated a lot all the SMTP stuff, but they help
a bit to eliminate unwanted smtp senders or clients's employee
that mess with email clients.
The scammers and spammers almost invariably create correct SPF and DKIM
headers. On the other hand, some legitimate senders get it wrong.
In the 95% of cases yes.
I once thought I had a good test for blocking unwanted mail. I started
checking whether the sending server had a "postmaster" address.
(Standards-compliant mail servers must always have a postmaster
account.) I had to stop this because too many "legitimate" senders were
failing this test.
Unfortunately, yes.
The big operators are guilty of introducing lots of "security" measures
without stopping to think whether they will have any effect on security.
Exactly.
massimo
|