ietf-asrg

Re: [Asrg] seeking comments on new RMX article

2003-05-06 16:17:27
From: Michael Rubel <asrg(_at_)mikerubel(_dot_)org>

...
VS> Yes, I did not realize that RMX was based on the notion that I've
VS> previously characterized as stuffing the Internet back into the old
VS> big BBS model favored by AOL. ...

...
The effect of RMX is to give domain owners a way to prevent third parties
from making email appear to come from them. 

That is the intended effect of RMX, but it is not the only effect.

                                             It has no bearing on who owns
or operate domains.  Nor does it, so far as I can tell, "forc[e] users to
pick an ISP and stick to it."  Any ISP capable of getting the packets to and
from your mail servers will do.

That is mistaken, unless you assume big-BBS model in which individual
computers are dumb terminals connected to a single big BBS style ISP.
Whether you use other raw connectivity ISPs or a dialup modem through the
telephone system to reach the big BBS ISP is irrelevant to the big
BBS style of Internet you posit.

The common mode that you would outlaw is where people send from one
IP address with an unrelated envelope Mail_From value.  For example,
many people configure their computers at work to send with an envelope
and header value of a mailbox at a free provider.  They do this to
avoid entanglements between their words and their employer.  Because
they are not named Bill Gates, they can't get Hotmail's RMX data to authorize
their sending IP address, if they know it, which may be literally
impossible because of NAT.

Another common case involves people traveling.  If you plug your laptop
into the network of a hotel or one of your consulting clients, you
might prefer to use an envelope and From header address at your home
systems instead of room1234(_at_)losangeles(_dot_)merriot(_dot_)com or
guest(_at_)example(_dot_)com.


VS> Have you considered Paul Vixie's version of RMX?  Given the premise
VS> of requiring users to have a "home sending MTA," why isn't Paul's the
VS> obvious and only reasonable instantiation of the idea?  What do new
VS> RRs buy that do not come from MX records, except a lot of problems?

If I understand his proposal correctly (and with all due respect to Paul),
the main problem is that a lot of domains don't obey this convention yet,
and you have no way to know which ones do and which ones don't.  So you
can't make very strong decisions based on it.  That's why you accept email
from cyndi(_at_)hotmail(_dot_)com, even if it obviously arrives from a
third-party IP address.

RMX records give us an upgrade path--a domain declares that it now conforms
to this convention by setting up an RMX record.

There are several problems with that reasoning.  
  - it assumes that Hotmail will ever have RMX records.  Because having
      RMX records would drive away a significant number of Hotmail's
      users, you'll always have to decide to accept mail from
      cyndi(_at_)hotmail(_dot_)com

  - it assumes that you can't already decide to accept mail with Hotmail
      sender addresses only if it comes from a Hotmail SMTP client.  In
      fact it is common to check that the source of Hotmail mail is
      Hotmail.

  - for a long time, very few systems will have RMX records, so
      upgrade paths are irrelevant.

  - if you want to mark systems that follow Paul's convention so that
      you know which don't, you could pick a large MX preference that
      is extremely unlikely to be used for anything today.  For
      example, I bet that among the millions of MX RRs today, none
      has the preference 65391.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com
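
The receiver-side decision this thread argues about, as an added example that is not part of the original message or of any RMX draft: a check of the SMTP client IP against the envelope Mail_From domain, using the MX-preference marker (65391) mentioned above as the opt-in signal. The zone data, addresses, function names, and the reading of the marker as "mail from this domain comes only from its MX hosts" are all assumptions made for illustration.

```python
import ipaddress

MARKER_PREF = 65391  # marker MX preference suggested in the message above

# Constructed zone data (not real DNS): domain -> [(preference, MX host)]
MX = {
    "example.org": [(10, "mx1.example.org"), (MARKER_PREF, "marker.invalid")],
    "freemail.example": [(10, "mx.freemail.example")],  # no marker RR
}
# Constructed address data: MX host -> IP addresses
ADDRS = {
    "mx1.example.org": ["192.0.2.25"],
    "mx.freemail.example": ["198.51.100.7"],
}

def check_sender(client_ip, mail_from):
    """Classify an SMTP client IP against the envelope sender's domain.

    'unknown' = domain has not opted in, so nothing can be concluded
    'pass'    = domain opted in and the client is one of its MX hosts
    'fail'    = domain opted in and the client is some other host
    """
    domain = mail_from.rsplit("@", 1)[-1].lower()
    records = MX.get(domain, [])
    if not any(pref == MARKER_PREF for pref, _ in records):
        return "unknown"
    ip = ipaddress.ip_address(client_ip)
    for pref, host in records:
        if pref == MARKER_PREF:
            continue  # the marker RR itself names no sending host
        if any(ip == ipaddress.ip_address(a) for a in ADDRS.get(host, [])):
            return "pass"
    return "fail"

def scenarios():
    """The cases raised in the thread, with constructed addresses."""
    return {
        "home MTA": check_sender("192.0.2.25", "alice@example.org"),
        "laptop on hotel network": check_sender("203.0.113.40", "alice@example.org"),
        "freemail address from office NAT": check_sender("203.0.113.9", "cyndi@freemail.example"),
        "freemail from its own server": check_sender("198.51.100.7", "cyndi@freemail.example"),
    }

if __name__ == "__main__":
    for name, verdict in scenarios().items():
        print(f"{name:35} {verdict}")
```

The second scenario is the traveling-user case from the message: a legitimate sender fails once the domain opts in. The last two show that a domain that never opts in yields no verdict in either direction.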