--- Petmail --- --- Brian Warner --- CodeCon2004 ---
 While we're replacing the MUA, we can improve the mail system in other ways.
 We know that spammers will eventually forge everything, so per-sender
 policies require cryptographic signatures. That gives us public keys, so we can
 encrypt and sign everything. We don't make any claims about the real-world
 identity of the sender, just that the message was signed by the same person you
 granted permission to earlier, so we aren't making it any harder to be
 anonymous or pseudonymous.
 Since we have to publish a public key and a receiving policy for everybody,
 we can put other information into that record, and then decouple addressing
 and routing from identity. Instead of an email address defining your
 identity, it is merely a pointer to an identity, one which can have multiple
 addresses, or none at all. The agent knows how to contact everyone in your
 address book, so if you change anything (like adding or removing an address),
 it can update them all.
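
As an added illustration (not code from Petmail or from the talk), the sketch below keys an address book on a public key rather than on an address, and accepts an address change only when it is signed by the key that was granted permission earlier. The record layout, the sequence number used to reject stale copies, and every name in it are assumptions made for the example.

```javascript
// Added illustration: the record layout and all names are hypothetical,
// not Petmail's actual format. Uses only Node's built-in crypto (Ed25519).
const crypto = require("node:crypto");

// Identity is a hash of the public key, never an email address.
const keyId = (pub) => crypto.createHash("sha256")
  .update(pub.export({ type: "spki", format: "der" })).digest("hex").slice(0, 16);

// A sender publishes a signed record: current addresses plus a sequence number.
function signRecord(priv, seq, addresses) {
  const body = JSON.stringify({ seq, addresses });
  return { body, sig: crypto.sign(null, Buffer.from(body), priv) };
}

class AddressBook {
  constructor() { this.entries = new Map(); } // keyId -> {pub, seq, addresses, policy}

  // Granting permission binds the receiving policy to a key, not to an address.
  grant(pub, record, policy) {
    if (!crypto.verify(null, Buffer.from(record.body), pub, record.sig)) return false;
    const { seq, addresses } = JSON.parse(record.body);
    this.entries.set(keyId(pub), { pub, seq, addresses, policy });
    return true;
  }

  // Accept an update only if the already-trusted key signed it and it is newer
  // than the copy we hold (an older signed record is treated as a replay).
  update(id, record) {
    const e = this.entries.get(id);
    if (!e || !crypto.verify(null, Buffer.from(record.body), e.pub, record.sig)) return false;
    const { seq, addresses } = JSON.parse(record.body);
    if (seq <= e.seq) return false;
    e.seq = seq; e.addresses = addresses;
    return true;
  }
}

function demo() { // constructed sample data, generated fresh on each run
  const alice = crypto.generateKeyPairSync("ed25519");
  const other = crypto.generateKeyPairSync("ed25519"); // a key never granted permission
  const book = new AddressBook(), id = keyId(alice.publicKey);
  const first = signRecord(alice.privateKey, 1, ["alice@old.example"]);
  const granted = book.grant(alice.publicKey, first, "accept");
  const forged = book.update(id, signRecord(other.privateKey, 2, ["alice@other.example"]));
  const moved = book.update(id, signRecord(alice.privateKey, 2, ["alice@new.example", "alice@alt.example"]));
  const replayed = book.update(id, first);
  const e = book.entries.get(id);
  return { granted, forged, moved, replayed, addresses: e.addresses, policy: e.policy };
}
```

The policy stays attached to the key across the address change, and neither the record signed by the unrelated key nor the replayed older record alters the entry.
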
 SMTP bounces are basically unusable: they're hard to parse, hard to correlate
 with outbound messages, and they've been heavily abused by spammers. We should
 obey the end-to-end principle and let the agents be responsible for getting
 the message through an unreliable network, rather than the intermediate

  [trans] Now I'm going to go over the design of the Petmail system.

[deb-runthrough hit here at T+15min]