At 12:20 AM -0500 11/30/03, Eric S. Raymond wrote:
Bill Cole <asrg(_at_)billmail(_dot_)scconsult(_dot_)com>:
At 11:05 PM -0500 11/29/03, Eric S. Raymond wrote:
>This is is a viable approach because there are so many fewer semding
>servers (concentrated at ISPs) than receiving servers.
What is your basis for this?
Well, for starters, the fact that people connected to AOL (which, last
I read, was still about 1/3rd of Internet users even America) never
originate their own SMTP transactions. Also true of most Yahoo users
and most Speakeasy users.
Those users never terminate their own inbound SMTP transactions. All
the SMTP for recreational users and businesses who don't operate
their own mail servers typically bottlenecks through ISP servers,
although it is somewhat likely for the small businesses to also
generate mail from senders that are not also receiving MTA's, i.e.
things like mailing gadgets associated with websites.
the exception to that is that most end users in that class DO in fact
initiate their own SMTP: to their providers' servers. If changes need
to be made in sending agents like the myriad of MUA's that use SMTP
to submit mail, that's a huge issue.
On a larger scale, there are a significant number of companies with
far more senders than receivers. For example, I am currently working
in an environment where there are approximately 150 different hosts
which handle their own outbound SMTP to the world, and some of those
have more than one SMTP sender implementation on them. Yet there are
only 2 machines with very tightly administered identical MTA's that
can accept SMTP connections from the outside world. That is not a
particularly unusual corporate environment.
There are far more non-ISP servers (sending and receiving servers)
than there are ISP servers. ISP's carry the most volume and have the
most users, but in a head count of machines intentionally and
actively running MTA's, they hold a minority.
You may be right --
Just think about it for a minute about all the non-ISP companies
handling their own mail service. It is a practical endeavor at about
the same scale where it becomes practical to have a full-time one-man
IT department. It's a lot of mail systems of scales smaller than any
serious ISP, but it is still a LOT of mail systems.
but even if you are, what I was really arguing is that is
we have a choice between technology that requires us to fix all the
world's senders and technology that requires us to fix all the world's
receivers, fixing *senders* is a much easier deployment problem.
I don't think so.
I have spent much of the past year trying to evangelize a reduction
in senders to one per host in the environment described above (i.e.
to eliminate or trivialize things like JavaMail in web apps and
worse abominations that barely implement a working subset of SMTP) so
that mail is auditable. Cutting down further is not going to happen
because there's no compelling reason to do so and some tangible
reasons not to. The result is 150 senders, 2 receivers.
In the end, I expect that there will need to be fixes to both senders
and receivers,
--
Bill Cole
bill(_at_)scconsult(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg