Michael Storz wrote:
The longer I follow this discussion and think about it, I am feeling that
the cleanest solution would be to deprecate implicit MX even for IPv4. In
the meantime I am convinced the implizit MX is a defect of RFC 2821. It
was introduced more than 20 years ago as a workaround to get the routing
via explizit MX RRs running.
Therefore from an operational and liability standpoint it is time to
deprecate the implizit MX RR. You had the guts to the deprecation the
source routes some years back. Now have the guts to deprecate the implizit
Well, from a liability standpoint, in my view, eliminating the IMPLICIT
MX can certainly be viewed as the WRONG direction.
Since 1986, when push came to shove, the US ECPA provided the court
precedence argument for legal claims of Censorship, Malpractice and
Tortious Interference (interrupting your business) where USER
EXPECTATIONS where not met and that included the expected posting or
delivery of mail and it can't be done, a notification was required. The
2821 level reject satisfies this notification requirement and so does
the problematic accept-bounce post smtp action. In the US, this has been
relaxed in 2000 to satisfy the Mommy (child porn) Market and to also
encourage the development of AVS systems without legal ramifications.
However, there is still an expectation of delivery of mail and a system
can be held accountable for unwarranted intentional lost. This comes
under the "Good Samaritan" provisions of the 2000 law. Of course, no
one normally hear of this thus the "Myth of no liability" because there
is generally usually no money in it and you must prove harm was done.
So where does mal-practice comes? Doing something that goes against
the standard and expected practice, norm and what experts of the
industry would not normally do - hence the definition of MalPractice.
I say leave well enough alone if you want to invent NEW expectations,
then you MUST raise the bar from what is normally done and you can only
do this with NEW indicators and state values.
is IPv6 it? From a legal standpoint, I say yes.
Is DKIM it? From a legal standpoint, I say yes.
Is Port 587 it? From a legal standpoint, I saw yes.
But not a legacy system like IPv4 with no indicators, I say no.
Hector Santos, CTO