ietf-mxcomp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: WG to close ; Re: Make CSV backwards compatible with SPF? (new revisions)

2004-09-23 09:44:59
from [Douglas Otis] [Permanent Link] 

On Thu, 2004-09-23 at 07:50, Dave Crocker wrote:

CSV is a solution based on two methods: CSA vs. DNA.

 CSV is a suite of specifications that also includes DNA.


The assertion that there is a "versus" between CSA and DNA is quite 
simply wrong.  

Anyone not clear about the roles and functions of components in the the 
CSA specification is strongly encouraged to asked detailed questions 
about them.  That way, we will know what needs to be changed in the 
specifications, to improve their clarity.


 The EHLO/MAIL FROM validation is
useless if RCPT TO is invalid.


 CSV allows the construction of name based relationships to relate
 mailbox domains with the mail channel, as example, without requiring
 subsequent lookups.  


Invalid Rcpt-to?  I suspect that was meant to refer to RFC2821.mailfrom. 


Hector was describing a decision tree where, of course, there would be
no point checking beyond the obvious.  The message will be rejected due
to the bad recipient. 


In any event, the RFC2821.helo/ehlo parameter is is per-session and is 
used to validate the OPERATOR OF THE MTA.  The other SMTP parameters are 
per-message.  MailFrom validation mechanisms pertain to the SENDER OF 
THE MESSAGE.


Sorry, this is my fault for not being explicit with these references. 
CSV only validates the operator of the MTA.  With this operator name
established, it allows a safe construction of a name based relationship
of the mailbox-domain association with a mail channel.  This can be
something as simple as a name list.


From the standpoint of a reputation service, this information is of

little use, but for those wishing to improve operations of a mail
filter, as I think Hector was describing, such information is helpful. 
This type of enhancement is what SPF et al aspires to achieve.  I was
simply attempting to point out some of the additional advantages CSV
offered to help achieve their goal safely.  There should be a symbolic
relationship achieving these two goals.

CSV does not do MailFrom, From, or PRA validation.  CSV simply makes
MailFrom, From or PRA validation safer. 


These are entirely different entities, and validating each of them has 
entirely different benefits.


I can not agree more.  

-Doug
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: WG to close ; Re: Make CSV backwards compatible with SPF? (new revisions), Alan DeKok
Next by Date:  Re: WG to close ; Re: Make CSV backwards compatible with SPF? (new revisions), Douglas Otis
Previous by Thread:  Re: WG to close ; Re: Make CSV backwards compatible with SPF? (new revisions), Dave Crocker
Next by Thread:  Re: WG to close ; Re: Make CSV backwards compatible with SPF? (new revisions), Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]