ietf-smtp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

nullmx (was: Last Call: draft-klensin-rfc2821bis)

2008-03-31 08:18:16
from [Frank Ellermann] [Permanent Link] 

Mark Andrews wrote:


First, it may have been obvious to you, but it wasn't obvious to 
many of us.   In the general case, it still isn't.  But you 
stated the situation exactly correctly.   "MX 0 ." means "I 
don't want email".   "SRV 0 0 ." doesn't really indicate "no 
service", it indicates "please do look for that service here".

 

"SRV 0 0 <hostname>" means look for that service here.
"." is not a valid hostname.


Possibly you miss a subtle point in the nullmx design, it does not
only mean "I don't want email".  It also means "any mail claiming
to be MAIL FROM me cannot be okay, because there is no route to
report non-delivery" [etc. down to RFC 3834 auto-replies, but the
REQUIRED capability is to report non-delivery].

On the DKIM list folks discussed to emulate "I send no mail" with
a public statement "all my mails are signed", and then simply not
sending signed mails.  That's possible, but rather indirect, and
won't help receivers not interested in DKIM signing practises.

Even more subtle, DKIM is not about the 2821 MAIL FROM, so this
approach is beside the point wrt SMTP.  Likewise a SenderID PRA
"spf2.0/pra -all" policy won't help wrt SMTP.

The SPF solution "v=spf1 -all" is acceptable, but this won't help
receivers not interested in checking SPF.  It also might not work
for receivers deciding to accept SPF FAIL, using it only as an
ingredient in scoring. 

Another now AFAIK long dead solution was a blacklist of domains
never sending mails, again not working for receivers not checking
this black list, or using it only as an ingredient in scoring.

nullmx tackles the problem directly within RFC 2821 and 2821bis
MUSTard, because receivers MUST report non-delivery they have no
business to accept an "impossible" reverse path bound to a nullmx.

Of course receivers intending to violate 2821(bis) could still
accept the nullmx reverse path, but that is their problem, folks
are free to be as stupid as they can get away with.

Disclaimer for those who have not read it on the general list:

I do NOT support to add nullmx post second Last Call to 2821bis,
and I don't think that billions of IPv6 toasters and webcams not
interested in mail should have a nullmx or publish "v=spf1 -all"
or whatever DKIM offers to say "all mail from me is discardable".

 Frank
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Minor is. It's not a pardigm change, Frank Ellermann
Next by Date:  Re: Minor is. It's not a pardigm change, ned+ietf-smtp
Previous by Thread:  Re: Last Call: draft-klensin-rfc2821bis, Mark Andrews
Next by Thread:  Re: nullmx (was: Last Call: draft-klensin-rfc2821bis), Mark Andrews
Indexes:  [Date] [Thread] [Top] [All Lists]