On 02/17/12 13:51 +1300, Adrien de Croy wrote:
imap essentially already has its own mail submission component via imap
append. Users can trust who sends them messages, and can limit who can
send them messages (via enforceable acls). I just wish smtp worked more
like that, but that's a pipe dream.
I don't know how you can use APPEND to send a message to another user
unless you share a folder with them.
That's exactly what I want. I want to configure my ACLs to allow specific
users to connect via IMAP (or an SMTP replacement). If someone wants to
send me a message, their client connects directly to my server (why is
relay still necessary?). They authenticate over sasl using some fancy
federated authentication protocol (project moonshot) before being allowed
to post to my inbox.
1) The need for submission-and-relay goes away.
2) I can trust the identity of who's sending me a message.
3) I can fiddle with my acls bits to determine who I want to get messages
from.
When relay is *really* necessary, sasl authorization to allow servers to
act on behalf of domains/users should do the trick.
In my opinion (and I admit I'm getting off topic), spam is merely a problem
rooted in relay.
--
Dan White
_______________________________________________
imap5 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/imap5
