Fediverse

32349 readers

451 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to [email protected]!

Rules

Posts must be on topic.
Be respectful of others.
Cite the sources used for graphs and other statistics.
Follow the general Lemmy.world rules.

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration)

founded 2 years ago

MODERATORS

[email protected]

Does email (SMTP/POP3) count as a member of the fediverse? (lemmy.world)

submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]

27 comments fedilink hide all child comments

i think it might in theory

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 4 points 1 year ago (2 children)

fair enough, i wonder if there are lessons to learn from email that can help the fediverse

[–] [email protected] 7 points 1 year ago (1 children)

Well for one, email is inherently insecure, so not sure if the fediverse can learn from that. It’s already not private.

[–] [email protected] 1 points 1 year ago (1 children)

It's not inherently insecure. There are secure email services but all parties have to be using it.

[–] [email protected] 2 points 1 year ago (1 children)

Exactly, that was my point. Email as it is, is insecure, because you can’t encrypt it and make it work universally unless everyone else does.

[–] [email protected] 1 points 1 year ago (1 children)

Exactly, that was my point. That means it is not inherently insecure.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

English isn’t my first language so I might be using “inherently” incorrectly, but I thought it means:

in a way that exists as a natural or basic part of something

So in its basic and natural form, email is not secure. It wasn’t designed as such. Full E2E encryption was only implemented recently by certain providers within their own domains, and won’t work across the board unless all of them cooperate, which won’t happen.

[–] [email protected] 2 points 1 year ago

"Inherently" means essentially "no matter how you do it". If you use an encrypted email provider to send a message to another user on another encrypted email provider, it's perfectly secure. Ergo, it's not "inherent".

Full E2E encryption was only implemented recently by certain providers within their own domains

It definitely works across domains. All you have to do is point your domain at your preferred secure email provider.

and won’t work across the board

It doesn't need to.

[–] [email protected] 3 points 1 year ago

@jimmy90 @zeppo For sure. One major lesson off the top of my head is with ActivityPub is how errors are presented. I’ve written software to fiddle around with ActivityPub and found servers have terrible - if any - error messages. SMTP provides a bunch of standardised status codes that servers can give back to you, along with diagnostic info. In theory this is possible with apub but in practice it is not addressed at all.

@fediverse