| 1 |
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ |
| 2 |
On Monday, August 17, 2020 8:00 PM, Grant Taylor <gtaylor@×××××××××××××××××××××.net> wrote: |
| 3 |
|
| 4 |
> On 8/16/20 10:50 PM, Caveman Al Toraboran wrote: |
| 5 |
> > 3. vps admin is not trusty and their sys admin may read my emails, |
| 6 |
> > and laugh at me! |
| 7 |
> |
| 8 |
> Do you have any (anecdotal) evidence that this has actually happened? |
| 9 |
|
| 10 |
not specifically with a mail provider, but with |
| 11 |
other i.t. services, yes. and since they're all |
| 12 |
humans, then the simplest model that explains this |
| 13 |
is that this is about humans in general, and same |
| 14 |
past experience would extend to mail provider's |
| 15 |
admins. |
| 16 |
|
| 17 |
> Well, seeing as how you're talking about email, the biggest elephant in |
| 18 |
> the room is SMTP's default of unencrypted communications path. It's |
| 19 |
> realtively easy to add support for encryption, but more systems than I'm |
| 20 |
> comfortable with don't avail themselves of the optional encryption for |
| 21 |
> some reason. Sure, it's possible to configure many receiving SMTP |
| 22 |
> servesr to require it from specific sending systems and / or sending |
| 23 |
> domains. But this is effort you have to expend to enact these restrictions. |
| 24 |
|
| 25 |
yes. smtp is nasty, and also redundant. |
| 26 |
|
| 27 |
makes me wonder if i should just create me a |
| 28 |
hidden tor service that is just a normal website, |
| 29 |
and give its url to people (instead of email) who |
| 30 |
want to message me by telling them ``submit your |
| 31 |
messages to me''. then, verify messages by |
| 32 |
mailing their supplied email a confirmation |
| 33 |
message. |
Archives