[Novalug] Thunderbird

RogerB@bronord.com RogerB@bronord.com
Mon Jun 24 10:58:12 EDT 2019


Well put, Peter.

Another, obvious solution: do not put into writing of you worry, for whatever reason, about someone reading what you have written. Not on paper: not digitally. Gmail may encrypt what one entrusts to them but they skim content first.

Think of how many high-flyers have been brought down to earth when the contents of their emails have shown up in court.

A compromise is end-to-end encryption. T-bird has GnuPG. Better than security through diffusion.

-- Roger Broseus
Pls excuse auto-correction induzed tiepos.

-----Original Message-----
From: Peter Larsen via Novalug <novalug@firemountain.net>
To: novalug@firemountain.net
Sent: Mon, 24 Jun 2019 10:28 AM
Subject: Re: [Novalug] Thunderbird

On 6/24/19 6:58 AM, Rich Kulawiec via Novalug wrote:
> It's much better to pull mail off servers ASAP, and if you need to have
> it available on multiple systems, use rsync to keep the message corpus
> synchronized across all of them.  (This also gives you another form
> of backup.)

For those of us who makes a living traveling, that's not really an option.

I do wonder if you apply this logic (risk management) outside of MTAs?
For instance, when you visit the doctor, are you responsible for
bringing all your medical records? How about bank records - they're
centralized as well?

Isn't DNS centralized too?
https://thenewstack.io/risks-dns-hijacking-serious-take-countermeasures/

I doubt anyone would disaggree that a central record has higher chance
of compromise. However, the solution isn't to create unmanaged/unsecure
replicas if you want to keep it secure, and it certainly isn't ignoring
the need for that central registry in the first place.

With banks, I can get my money out anywhere (not sure I really like
Blockchain here since that would give others insight into transactions
too), my medical records follows me electronically so regardless of
where I go, or what happens, the medical professionals can access it.
And when I travel, I can access new and old emails alike because I have
a (secure) central location that all my devices work around.  On the
road, I do most of my email on mobile devices - I doubt there even is an
"rsync" option here.

So yes, there's no doubt that a lot of MTAs have no clue what they're
doing. Being an IT professional, part of what "you" should be looking at
is if the people are worth the service you purchase (and if it's free,
well ....) - that doesn't mean it cannot be secured properly, and
provide you the flexibility IMAP provides.

What urks me is that IMAP is still around - a technology designed in the
mid 1980s seems ripe for a replacement/upgrade?

-- 
Regards
  Peter Larsen

**********************************************************************
The Novalug mailing list is hosted by firemountain.net.

To unsubscribe or change delivery options:
http://www.firemountain.net/mailman/listinfo/novalug


More information about the Novalug mailing list