Re: home server for email box

[Jeremy Ardley <jeremy@ardley.org>]

On 13/3/23 06:39, Vincent Lefevre wrote:
> O
> > Each of those options has  been chosen by the mail list administrator.
> >
> > As a general principal it's a good thing to know the system sending you mail
> > is genuine. Given the variety, there is no point in rejecting the email if
> > there is no certificate, but having a verified certificate could be used to
> > streamline any anti-spam processes such as not greylisting. I don't know if
> > postfix can do that yet, but it seems it would be a good thing.
> I think that DNS attacks are rather rare. Though strong authentication
> is useful for various kinds of application, it is much less important
> for antispam (I doubt that spammers do DNS attacks to let their spam
> through).
I'm not assuming DNS attacks rather I was wondering if a valid 
certificate could give better 'customer service' i.e. quicker delivery 
of mail.

Brief investigation suggests time consuming stuff happens before the 
certificate exchange - which in itself is expensive.

However later processes could be expedited or improved with a valid 
certificate e.g. reducing content inspection or dropping some connection 
checks on emails from DNS names specified in the certificate

--
Jeremy
(Lists)