Re: [Dorset] IONOS Appears to be Banning the use of Identities (Aliases)
On 07/12/2023 12:56, Ralph Corderoy wrote: Hi Terry, As I said, I’m surprised that any hosting provider allows otherwise these days. Hugh, Can you please explain to me why using an alias (which has previously been set up as a mail forward) is a security risk? Can anyone explain this? I don't see the issue with a provider of email hosting for your-domain.com to allow you to send and receive emails from all and sundry addresses at that domain. Anti-spam measures SPF, DKIM, and DMARC work at the domain level AFAIK, not at the individual email address. Yes, to talk POP3, IMAP, or SMTP to your provider you will need to authenticate, preferably after establishing a encrypted connection using TLS. It's up to the provider what you authenticate with, e.g. ‘terry’ and ‘letmein’, what mailbox that gives you access to, and what email addresses it lets you send from. Talk to IONOS. If they persist in restricting their service then withdraw your custom to send them a price signal. :-) Many years ago when Ionos were 1 and 1, I threaten to withdraw my services from them (cant remember what the issue was), by the time I had got off the phone my account had been terminated. Fortunately I was intending to to move anyway and was part way through moving stuff the but it still left me with several hours of panic to get everything up and running on my new provider. Tim H -- Next meeting: Online, Jitsi, Tuesday, 2024-01-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] IONOS Appears to be Banning the use of Identities (Aliases)
On 07/12/2023 12:56, Ralph Corderoy wrote: Talk to IONOS. If they persist in restricting their service then withdraw your custom to send them a price signal. :-) I've just despatched a complaint and threatened that very thing. -- Terry Coles -- Next meeting: Online, Jitsi, Tuesday, 2024-01-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] IONOS Appears to be Banning the use of Identities (Aliases)
Hi Terry, > > > As I said, I’m surprised that any hosting provider allows > > > otherwise these days. > > > > Hugh, > > > > Can you please explain to me why using an alias (which has > > previously been set up as a mail forward) is a security risk? > > Can anyone explain this? I don't see the issue with a provider of email hosting for your-domain.com to allow you to send and receive emails from all and sundry addresses at that domain. Anti-spam measures SPF, DKIM, and DMARC work at the domain level AFAIK, not at the individual email address. Yes, to talk POP3, IMAP, or SMTP to your provider you will need to authenticate, preferably after establishing a encrypted connection using TLS. It's up to the provider what you authenticate with, e.g. ‘terry’ and ‘letmein’, what mailbox that gives you access to, and what email addresses it lets you send from. Talk to IONOS. If they persist in restricting their service then withdraw your custom to send them a price signal. :-) -- Cheers, Ralph. -- Next meeting: Online, Jitsi, Tuesday, 2024-01-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] IONOS Appears to be Banning the use of Identities (Aliases)
On 07/12/2023 12:17, Terry Coles wrote: I still cannot understand where the security risk lies, so maybe it's time to ask IONOS. At least I won't be asking them to explain something that is obvious to everyone else, which was my initial concern. I just spoke to IONOS Support, who were remarkably quick to answer my call, but also remarkably useless. When I asked what the risk was in using mail forwards as aliases I was initially told that this was the new Policy, not what the risk was. When I persisted, I was eventually told that this was to stop me spamming! Since the alias would point to my legitimate domain, I fail to see how banning aliases prevents me getting away with spamming any more than using the mailbox address would. I now have to raise a complaint, but it looks as if I'm going to have to transfer my domain to another provider and laboriously set up all the aliases again (I have 399, although some of those may well be defunct). Hopefully the new provider won't have the same bright idea. -- Terry Coles -- Next meeting: Online, Jitsi, Tuesday, 2024-01-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] IONOS Appears to be Banning the use of Identities (Aliases)
On 07/12/2023 12:10, Stephen Wolff wrote: I don’t think you’re being dense no, but emails can be cryptographically signed and also encrypted. Not sure if you can sign an alias. I'm aware that the *messages* can be encrypted and/or signed with a cryptographic signature, but that has nothing to do with the mailbox, let alone any alias pointing to that mailbox. I still cannot understand where the security risk lies, so maybe it's time to ask IONOS. At least I won't be asking them to explain something that is obvious to everyone else, which was my initial concern. -- Terry Coles -- Next meeting: Online, Jitsi, Tuesday, 2024-01-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] IONOS Appears to be Banning the use of Identities (Aliases)
I don’t think you’re being dense no, but emails can be cryptographically signed and also encrypted. Not sure if you can sign an alias. > On 7 Dec 2023, at 07:09, Terry Coles wrote: > > On 07/12/2023 07:03, Stephen Wolff wrote: >> My guess is if you can have an alias which isn’t (cryptographically) signed, >> you can pretend to be whoever you like, and as such spam folk as your best >> friend or worst enemy. I suppose the alternative is to use a mail service >> like Proton or something? > > AFAIK, a pukka mailbox isn't cryptographically signed and even if it is, the > alias simply points to a pukka mailbox in the same domain as the alias. > > Am I being particularly dense? > > -- > > Terry Coles > > > -- > Next meeting: Online, Jitsi, Tuesday, 2024-01-02 20:00 > Check to whom you are replying > Meetings, mailing list, IRC, ... http://dorset.lug.org.uk > New thread, don't hijack: mailto:dorset@mailman.lug.org.uk -- Next meeting: Online, Jitsi, Tuesday, 2024-01-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk New thread, don't hijack: mailto:dorset@mailman.lug.org.uk