Remix clone Hacker News

It is possible to deliver emails IFF the receiving server presents a valid TLS connection and cert. I don't think I've seen anyone actually enforce that though.

▲

SoftTalker 4 days ago | parent | next [-]

Yes but the server itself has full visibility on the message while it is handling it. It can scan it for viruses, parse it for ad insertion, feed it to train an LLM, just keep a copy of everything, whatever.

	▲	grayhatter 4 days ago \| parent [-]
		yeah... that's why it's important to be able to trust your email provider... I assumed you meant anyone passing along the message, like a router, or rogue ISP. I was more going for the idea that you can make SMTP secure from sender domain to destination domain. If you don't trust your host, nothing else really matters, in all cases.

▲

kevin_thibedeau 4 days ago | parent | prev [-]

SMTP can use intermediate relays. TLS doesn't guard against the middlemen.

	▲	xp84 3 days ago \| parent \| next [-]
		I recognize that that is part of the protocol's design, but how common is that in practice on the modern Internet? If I'm using say, Outlook, or even some personal home server, and I have mail for example @ gmail.com, I would expect two things: 1. Microsoft, or my server, would look up the MX for gmail and send the email directly there, where I'd presume it's safe from maliciousness (obviously Google itself has access to it, I admit) 2. The only server that would accept mail from my server and relay it for me would be someone I'm paying, and they probably would accept it over TLS right?
	▲	grayhatter 4 days ago \| parent \| prev [-]
		When I suggested using TLS, signed by a trusted cert authority; and you're imagining some system, where a message sender connects to some 3rd party middleware box to relay the message, and this middleware box has a cert for the destination domain?