
Re: Has the IETF dropped the ball?

2005-03-09 14:49:58

----- Original Message -----
From: "Russ Allbery" <rra(_at_)Stanford(_dot_)edu>
To: "IETF-SMTP" <ietf-smtp(_at_)imc(_dot_)org>
Sent: Wednesday, March 09, 2005 3:53 PM
Subject: Re: Has the IETF dropped the ball?

We have a lot of good ideas out there, but they all suffer with the
same realization:

    "What to do about the legacy and/or non-compliant transaction?"

Yup.  That and the question of whether, given the degree of restrictions
some of these protocols put on how SMTP can be used, whether what's left
after the required slashing and burning of features is really usefully
SMTP any more.

My point is that the minimum that must be done is SMTP compliancy because
there are two basic categories of the above:

1) The Malicious (60-80%), and
2) The legitimate,

The facts are showing the latter is a dying breed.  The legitimate legacy
and non-compliant is getting pushed out, replaced or updated for the simple
reason they are indeed legitimate and today they realize there is a need for
compliancy.   We continue to see customers who are now adjusting their
setups for this very reason.  Before they didn't have to. Today they do.

This old statement in SMTP 2821 simply no longer applies:

| 7.1 Mail Security and Spoofing
|   ...
|   This specification does not further address the authentication issues
|   associated with SMTP other than to advocate that useful functionality
|   not be disabled in the hope of providing some small margin of
|   protection against an ignorant user who is trying to fake mail.

If this was still the case, then we wouldn't be here today with this

It is no longer just an "ignorant user" but an industry of malicious abusers
and there is a great margin of protection by applying pressure on the
non-compliant mail senders.

This is the mindset we need to change.  We need a new 3821 document that
focuses on security first and relaxed provisions second.  Not the other way

Look, back in 1987, we all knew of the potential for Sender Spoofing.  It
was quite obvious the loophole was there, but we also knew the abuse was
low at the time. Modem dialups were the norm and the topology was still
larger star based.  Therefore no real effort to close the loophole.

Today, we need to finally close it in a vast P2P environment to even come
close to increasing the reliability of augmented new email
authorization/authentication technology.

Until we do so, what use is any of the proposals if a server still needs to
allow malicious non-compliant senders to exist in status quo form?   He has
no incentive to adopt if even to attempt to get around it.   No reason
whatsoever.  That is exactly what we are seeing.


Hector Santos, CTO
Santronics Software, Inc.
305-431-2846 Cell
305-248-3204 Office