ietf-asrg
[Top] [All Lists]

Re: [Asrg] I-D: Email Submission Between Independent Networks

2005-05-08 09:26:21
At 6:40 AM -0700 5/8/05, William Leibzon wrote:
Content-Type: MULTIPART/signed;
        BOUNDARY="-1747394880-789508825-1115559648=:7484";
        protocol="application/x-pkcs7-signature"; micalg=sha1


On Fri, 6 May 2005, John R Levine wrote:

Here's the latest draft of the proposed BCP from Carl Hutzler et al about
mail submission.  I think it's pretty good and barring a lot of hate mail
I'd like to say that the ASRG likes it so I can nudge it down the path to
BCP-hood.

This document effectively says that all users are to send their email by relaying it through their ISP SUBMIT service (not only home but also while
traveling) rather then make attempts to do it directly.

Not exactly. It says that access providers SHALL NOT impede SUBMIT and MSA operators MUST support authenticated submission on port 587 if they accept external submission.

MSA and access providers have been telling users a mix of things over the past decade, and the result has been a muddle, with less-skilled users and providers failing to understand what is reasonable and safe. This draft does not state anywhere that I can see that a roaming user should not adjust his mail submission practices based on where he is hooked into the net, which is one common practice that works much of the time (but breaks sender domain verification schemes like SPF.) In fact, it seems that the diagram in Section 4 implies this to be an acceptable practice, as it shows traditional port 25 submission between a MUA and MSA on the same network.

It is useful to note in reading this draft (and I would hope in any other that reaches the same point) the use of the theoretical MSA/MDA/MTA/MUA model. When the word 'submission' is used, it is referring not only to port 587 submission, but to the act of a MUA handing mail to a MSA.

In the end, nothing in this draft says that anyone should not use an MSA associated with the network they are connected to, it only draws the guidelines for how access providers and MSA providers should both behave to make it possible for users to do otherwise in an orderly and safe manner.


I entirely agree with such system, but I just want to make sure everyone is aware that is an intent that specifies consensus of the community as previously there has been a lot of disagreements to making restrictions to roaming users of this nature (starting with debates about when open relays were closed few years back).


I am quite pleased with the draft, but I think you are reading into it a little more than is there.

--
Bill Cole bill(_at_)scconsult(_dot_)com


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg