At 6:40 AM -0700 5/8/05, William Leibzon wrote:
Content-Type: MULTIPART/signed;
BOUNDARY="-1747394880-789508825-1115559648=:7484";
protocol="application/x-pkcs7-signature"; micalg=sha1
On Fri, 6 May 2005, John R Levine wrote:
Here's the latest draft of the proposed BCP from Carl Hutzler et al about
mail submission. I think it's pretty good and barring a lot of hate mail
I'd like to say that the ASRG likes it so I can nudge it down the path to
BCP-hood.
This document effectively says that all users are to send their
email by relaying it through their ISP SUBMIT service (not only home
but also while
traveling) rather then make attempts to do it directly.
Not exactly. It says that access providers SHALL NOT impede SUBMIT
and MSA operators MUST support authenticated submission on port 587
if they accept external submission.
MSA and access providers have been telling users a mix of things over
the past decade, and the result has been a muddle, with less-skilled
users and providers failing to understand what is reasonable and
safe. This draft does not state anywhere that I can see that a
roaming user should not adjust his mail submission practices based on
where he is hooked into the net, which is one common practice that
works much of the time (but breaks sender domain verification schemes
like SPF.) In fact, it seems that the diagram in Section 4 implies
this to be an acceptable practice, as it shows traditional port 25
submission between a MUA and MSA on the same network.
It is useful to note in reading this draft (and I would hope in any
other that reaches the same point) the use of the theoretical
MSA/MDA/MTA/MUA model. When the word 'submission' is used, it is
referring not only to port 587 submission, but to the act of a MUA
handing mail to a MSA.
In the end, nothing in this draft says that anyone should not use an
MSA associated with the network they are connected to, it only draws
the guidelines for how access providers and MSA providers should both
behave to make it possible for users to do otherwise in an orderly
and safe manner.
I entirely agree with such system, but I just want to make sure
everyone is aware that is an intent that specifies consensus of the
community as
previously there has been a lot of disagreements to making
restrictions to roaming users of this nature (starting with debates
about when open relays were closed few years back).
I am quite pleased with the draft, but I think you are reading into
it a little more than is there.
--
Bill Cole
bill(_at_)scconsult(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg