ietf-smtp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Retries - may be related to closed issue 12 4yz behavior

2007-05-01 01:53:36
from [Hector Santos] [Permanent Link] 

SM wrote:
There was a time when email was a collaborative effort where we do our best to deliver the mail.
IMO, I don't think it really has not changed. Most system do follow this principle. We have not changed our product model to alter that fundamental principle and I will go on to further say laws are written on that principle as well. Our product is been ethically engineered and molded around that fundamental "user expectation" principle.
Nowadays it's more about whether the message is more important to the sender or the receiver. 

Thats two parts:
- Mail content interpretation which I would prefer all SMTP software writers still out of and let admin deal with that.
- And SMTP level compliance, which is something we concentrated on while still adhering to the above fundamental "User Expectation" principle.
By far, but all industry measures, the latter is where the majority of the exploitation has taken place to provide the threat entry points to given sysops and users the mail content fits.
Greylisted or not, if a server is temporarily rejecting an email transaction for typical normal (4yz) reasons as indicated in the example reply codes, I believer server implementations is basing this idea that the retry attempts will be made again with the same information.
No, it's greylisting which is based on that idea and not the SMTP implementation.
Well, I will argue that the successful growth of greylisting systems is based on the fundamental SMTP 4yz retry principles. It that wasn't the case, greylisting would not be a consideration.
I accept the idea that the client may not reissue the same ENV information, but that is by far *not* the normal practice in retry logics. Google would be the first that I know of, and I feel pretty sure that if Google is made aware of this greylist issue with their email validations logic, they would more than likely change it, then not, given the growth of greylisting systems.
In any case, if you feel that SMTP systems *should not* expect the same information when issuing a 4yz, then it SHOULD be mentioned in the specs. Currently that is not what is implied. Of course, it all depends on the where the 4yx is used. 

Thanks for your comments.

--
HLS
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Retries - may be related to closed issue 12 4yz behavior, SM
Next by Date:  Re: Recap: Re: rfc2821bis-03 Issue 32: "MUST take responsibility", Hector Santos
Previous by Thread:  Re: Retries - may be related to closed issue 12 4yz behavior, SM
Next by Thread:  Re: Retries - may be related to closed issue 12 4yz behavior, Peter J. Holzer
Indexes:  [Date] [Thread] [Top] [All Lists]