Re: [Nmh-workers] Re: should nmh be an MTA or an MUA?

[markus schnalke]

[2010-01-28 10:28] Earl Hood <address@hidden>
> On January 28, 2010 at 10:55, markus schnalke wrote:
> 
> > Nmh should work on a mailbox in the local filesystem. Incoming mail
> > should enter as plain-text through inc. Outgoing mail should leave as
> > plain-text to an MTA.
> 
> Not sure about this statement, especially "plain-text".
> 
> MH was written at a time when security considerations were
> not given much thought.  I think TLS support for submitting
> email to an MTA has become more of an essential function
> of MUAs (and the common GUI-oriented MUAs do support this).

I talk about the transfer from nmh's send command to
/usr/sbin/sendmail for example. That means from one local command to
another local command via a pipe. There is no network involved.

The local MTA will then care about encryption and authentication for
the transfer over the network.


> I'm not sure it is safe to assume that someone is able
> to install and run a third-party program on their local
> system to work as a secure submission proxy for nmh.

See it as dependency to the nmh package, like a library.


However, I don't want to discuss against you on how exactly to realize
this. You could probably tell me better. But I want to tell you, that
you should *freely* think about it.

Currently, I mostly hear: ``No it can't be done''.

Doing unusual things is always hard, but nmh is unusual too, and we
all love it because of that.

(Read the SMTP-only decision in ``The Cathedral and the Bazaar''!)


meillo