On 2024-05-23 at 20:12:09 UTC-0400 (Fri, 24 May 2024 12:12:09 +1200)
Peter via Postfix-users <pe...@pajamian.dhs.org>
is rumored to have said:

> On 24/05/24 01:42, Bill Cole via Postfix-users wrote:
> [...]
>> It is also helpful as a matter of system design to decouple user email addresses from their login usernames. For example, all of the email addresses I give to companies are aliases, so none of them are at all useful if compromised in a breach. The username I use to authenticate to my mail server cannot be mailed from anywhere but the mail server itself. This assures that no matter how many systems get breached where I've got an account, none of those usernames and passwords are useful to the thieves. I set this up almost 30 years ago as a spam control measure, but the greatest benefit has been in basic account security.
>
> This is good advice for the email admin personally but increases the complexity for other users to a point where it's probably not worth it, imo. To elaborate, aliases are great, but trying to reject email to the primary mailbox address, or trying to force users to pick a different username to their primary mailbox email address can be problematic.

Right, it is difficult to retrofit a robust model with arcane aliasing kinks onto an existing userbase. It is much less hard to switch users from authenticating as cuten...@example.com to cuten...@mailauth.example.com even though they still get all their mail at the simpler, preferred address. The critical point is to make the session authentication identity for mail different from the mail delivery address, because they have definitely used that delivery address for authentication elsewhere.




--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo@toad.social and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
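
Added example (not part of the original message, and not code from Postfix or from either poster): a small Python audit of the property discussed above, namely that no mail login identity should also be an address that accepts mail. The account names, alias table and `+` subaddress delimiter are constructed assumptions; only the `mailauth.example.com` naming pattern comes from the thread.

```python
# Added example: all accounts and aliases below are constructed sample data.
RECIPIENT_DELIMITER = "+"  # assumption: subaddressing such as alice+tag@example.com

def normalize(addr):
    """Lowercase an address and drop any +tag from the local part."""
    local, _, domain = addr.strip().lower().rpartition("@")
    return f"{local.split(RECIPIENT_DELIMITER, 1)[0]}@{domain}"

def is_deliverable(addr, mailboxes, aliases):
    """True if mail to addr ends up in a mailbox, following alias chains."""
    seen = set()
    addr = normalize(addr)
    while addr not in seen:
        if addr in mailboxes:
            return True
        seen.add(addr)
        if addr not in aliases:
            return False
        addr = normalize(aliases[addr])
    return False  # alias loop: the chain never reaches a mailbox

def coupled_logins(logins, mailboxes, aliases):
    """Login identities that also receive mail, so may have been used elsewhere."""
    return sorted(l for l in logins if is_deliverable(l, mailboxes, aliases))

def usable_from_breach(breached, logins):
    """Breached identifiers that are valid login identities on the mail server."""
    valid = {normalize(l) for l in logins}
    return sorted({normalize(b) for b in breached} & valid)

MAILBOXES = {"alice@example.com", "bob@example.com"}
ALIASES = {
    "alice-shop@example.com": "alice@example.com",
    "alice-news@example.com": "alice-shop@example.com",  # chained alias
    "loop-a@example.com": "loop-b@example.com",          # loop, undeliverable
    "loop-b@example.com": "loop-a@example.com",
}
LOGINS = ["alice@mailauth.example.com",  # decoupled: no mailbox, no alias
          "bob@example.com"]             # coupled: login equals delivery address
# Identifiers as they might appear in third-party breach dumps (constructed).
BREACHED = ["Alice-Shop@example.com", "alice@example.com", "Bob+store@example.com"]

if __name__ == "__main__":
    print("coupled logins:", coupled_logins(LOGINS, MAILBOXES, ALIASES))
    print("breached identifiers usable as logins:",
          usable_from_breach(BREACHED, LOGINS))
```

Every identifier leaked for the decoupled account fails as a login name, while the coupled account's delivery address, even with a `+tag`, maps straight onto a valid login.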