read the specification (updated 11 may 2023)
see best practices for implementers
check out the reference implementation
read the devblog (updated 11 may 2023)
Email is just as bad as the Web. It's grown to be complex, secure only with other protocols bolted onto it, and it supports all the nasty misfeatures that the Web does, like cookies and tracking beacons. Even worse, it's seeing active hostility from the major players of the Internet. Most ISPs block traffic on port 25, and you can't deliver mail to any of the big names (like Gmail) without jumping through hoops - and even then, it's a coin toss.
I would love it if there was a way around this, a standard way for people interested in the small web to communicate. Something like Gemini, which can be grokked and implemented by one person. To that end, I've been working on a replacement - but I need some feedback.
I've written up specs for a protocol named Misfin, named after the Manned Space Flight Network (MSFN). It's spartan, but not overly so. It's only concerned with sending messages; mailbox management and relaying are out-of-band. Neither does it do much to combat spam - it probably won't be used by enough people to matter - but it avoids the worst of SMTP's security gotchas.
Misfin requires TLS, because it gives us a nice simple way to verify senders and receivers. A Misfin certificate stores three pieces of information:
USER_ID The user's mailbox (admin, santa, xXxd3m0n5l4yerxXx, etc.) COMMON_NAME Who the user is - their name, or pseudonym, or w/e SUBJECT_ALT_NAME Hostname of the user's mailserver (example.com, misfin.org, etc.)
You can then stick the mailbox and hostname together into a Misfin address, i.e. santa@example.com. Authentication is up to you - maybe you have a whitelist of approved senders, or you mandate CA-signed certs, or you trust certs as they come in (TOFU). Or you don't do anything and suffer.
Maybe we should just worry about text. Maybe we don't want to accept big huge messages from strangers. Maybe we should be asking people nicely if they want to receive an attachment, rather than just sending it to them. Consider the following protocol. We send a single request, no more than 2048 bytes, and with an assumed mime of text/gemini:
misfin://mailbox@hostname.com Everything after this is the body of the message.\r\n
And the server tells us if it was accepted:
20 <fingerprint of the recipient>\r\n
Message sent, ezpz. Misfin is limited, but not crippled. Want to send a binary file? Throw it up on a Gemini server (you have one of those, yeah?) and link to it - you get the fingerprint of the receiver's certificate, so you could even gate it for them if it's eyes only. Can't fit your message into 2K? Send two, or maybe write less. (Most of the emails I got on the Gemini mailing list were smaller than that anyway).
Maybe. That's why I need your feedback. Download the reference specification and shoot me a Misfin letter (!) at rfc@misfin.org
Or, make a ticket on Sourcehut, or Github, or post about it on Station. Up to you. But you could be the first to send me a Misfin letter...
- ❤️ lem
older stuff:
The old version of this page, that explains Misfin(A)
Both protocols explained with fewer words
A draft protocol for Misfin(A), most of which applies for Misfin(B) as well