I've written a draft that I hope will help resolve some of the
inter-operability problems for different email authentication
methods. Before submitting it, I would like to make sure I haven't missed
something important.
The proposal is to add an ID command to the SMTP exchange, after EHLO, but
before MAIL. My main concern is backward compatibility. Here are the
relevant paragraphs:
EHLO mailserver7.my-company.com
ID mycompany.com
MAIL FROM: bob(_at_)sales(_dot_)my-company(_dot_)com
...
The proposed syntax will require extension of SMTP standard [RFC-
2821] and changes in current MTA software and practices. See section
7. IANA Considerations.
MTA software will need to be enhanced and deployed at sites that
provide email authentication. To minimize upgrade efforts these
changes should be bundled with the upgrade to enable authentication.
Receivers that don't recognize the ID command should return a Reply
Code 500 COMMAND UNRECOGNIZED. Receivers that recognized the
command, but chose to ignore it, should return 502 COMMAND
UNIMPLEMENTED. [RFC-2821] section 4.2.4. Senders should ignore
these errors, and proceed with the MAIL command.
Backward compatibility may be an issue for receivers that do not wish
to add authentication, but have been enforcing overly strict
requirements on SMTP syntax, perhaps for the purpose of spam
filtering. Mail with an unrecognized command should not be rejected.
The complete draft is at:
http://purl.net/net/macquigg/email draft-macquigg-authent-declare
Comments will be appreciated.
--
Dave
************************************************************ *
* David MacQuigg, PhD email: david_macquigg at yahoo.com * *
* IC Design Engineer phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. Tucson, Arizona 85710 *
************************************************************ *