On Mon, Oct 27, 2025 at 07:08:11PM +0300, monodev wrote: > I share your frustrations about email authentication protocols and big mail > providers, hence my original thesis that maybe email is not an ideal medium > for public forums from a technical standpoint. > > But I am not as cynical about SPF, DKIM, DMARC, I believe they're worthwhile > and we're definitely better off with them than without. The alternative to > not having any authentication methods is to maintain manual whitelists for > everyone which would produce an environment much more hostile to independent > hosters than the current one. > > > There's one big difference: with mail signature/encryption, it's mainly > > the mail body you are protecting (against tampering/eavesdropping). > > > > With DKIM it's a set of headers plus some portion of the body. > > It makes sense to sign some of the metadata associated with the message. For > a widely used protocol it'd be a necessity. As far as I know, only S/MIME seems to have a spec for signing/encrypting message headers, rfc9788. But I might be wrong (more often than not, I am). Cheers -- tomás
Attachment:
signature.asc
Description: PGP signature