
Re: [Asrg] What are the IPs that sends mail for a domain?

2009-07-01 10:32:32
John Leslie wrote:
In fact, we don't even have a term for "the accountable party related to an IP address".

   Are you sure that's a useful concept?

Not at all. However, after noting that per-user accountability in the PGP/S/MIME sense cannot be used for general email, the tendency seems to look after the IP address of the transmitters, much like pinching hackers on the fly is sometimes shown in the movies.

The CSV paradigm is that the operator of an MTA should exercise some responsibility for what it sends. The HELO string identifies the MTA (though not necessarily one string exclusively by one MTA), and the DNS management for that domain-name string states whether that domain exercises responsibility (and, by automatic return of (A)ddress RRs on SRV queries, what IP address(es) that MTA uses).

The link from the MTA to its operator is still missing.

While this perhaps comes "close", it's not designating an "accountable party"; and the IP address is related to the HELO string, not the other way around. It does _not_ lead to an "accountable party" -- it merely associates a reference string (the domain name) that we can use as a query to reputation services.

To this end, I'd prefer the use of a domain name. One reason is that large ESPs have many MTAs that can be used interchangeably. In addition, the person responsible for an MTA is not always identifiable (in Italy, the mandate to state who the sysadmins of an MTA are has been procrastinated every few months since November 2008.) By contrast, domain registrants often have whois records pointing to them.

RFC5068 associates accountability after submission with traceability features of the MSA, apparently suggesting that the first relaying thereafter is from an IP which is (indirectly) accountable for the message content.

   Actually,
"
" Relaying and delivering employ policies that occur after submission and
" are outside the scope of this document.

RFC5068 deals with the operation of Mail Submission Agents. I don't agree it even "suggests" how accountability should follow the message as it winds its way to the recipient.

It does. Notwithstanding the sentence you quoted, there is a "Submission Accountability after Submission" paragraph in section 3.1, saying

      For a reasonable period of time after submission, the message
      SHOULD be traceable by the MSA operator to the authenticated
      identity of the user who sent the message.

A similar norm is mandated by anti-terrorism regulations, in the EU at least.

That way, accountability could be theoretically traced, _if_ the first submission followed those guidelines. While I can be reasonably sure that the connecting client is not an open relay, after IP based DNSBL, I have no means to know that the site either enforces the submission protocol in general, or did so for at least the messages it is about to relay.

Thus, it turns out that if an MTA does mixed MSA and old-fashioned port 25 relaying for its clients, its IP cannot convey accountability.
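The HELO-to-IP association discussed in this message, as an added example that is not code from the thread or from the CSV drafts: it models the check as "SRV record present under the HELO name means the domain exercises responsibility; A records of the SRV target are the IPs that MTA uses". The `_client._smtp.` owner-name prefix is taken from the CSV drafts, and the in-memory zone data is constructed so the code runs offline.

```python
# Added example: a simplified CSV-style HELO check. Assumptions: the SRV owner
# name uses the "_client._smtp." prefix from the CSV drafts, and the mere
# presence of an SRV record is treated as the domain exercising responsibility
# for the MTA (the drafts' priority/weight semantics are not modelled).
from ipaddress import ip_address

CSV_PREFIX = "_client._smtp."


def csv_check(helo, client_ip, resolve):
    """Return (responsible, ip_authorized) for a HELO name and connecting IP.

    resolve(name, rtype) -> list of rdata strings; SRV rdata is
    "priority weight port target".
    """
    srv = resolve(CSV_PREFIX + helo, "SRV")
    if not srv:
        # No SRV record: the domain makes no assertion about this MTA.
        return (False, False)
    ip = ip_address(client_ip)
    for rr in srv:
        target = rr.split()[3].rstrip(".")
        # The A records of the SRV target are the IPs the MTA is said to use.
        if any(ip_address(a) == ip for a in resolve(target, "A")):
            return (True, True)
    # The domain exercises responsibility, but not for this connecting IP.
    return (True, False)


# Constructed zone data standing in for DNS (hypothetical names/addresses).
ZONE = {
    ("_client._smtp.mx1.example.net", "SRV"): ["1 2 25 mx1.example.net."],
    ("mx1.example.net", "A"): ["192.0.2.10", "192.0.2.11"],
}


def fake_resolve(name, rtype):
    """Offline stand-in for a DNS resolver; returns [] for unknown names."""
    return ZONE.get((name, rtype), [])


if __name__ == "__main__":
    print(csv_check("mx1.example.net", "192.0.2.11", fake_resolve))
    print(csv_check("mx1.example.net", "198.51.100.5", fake_resolve))
    print(csv_check("relay.example.org", "192.0.2.10", fake_resolve))
```

As the message notes, a match only ties the IP back to the HELO domain name; it does not by itself identify an accountable person.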
_______________________________________________
Asrg mailing list
Asrg@irtf.org
http://www.irtf.org/mailman/listinfo/asrg
