Re: RFC 5321bis / 2821ter
2009-01-30 11:34:11
John C Klensin wrote:
The following are all
perfectly valid decisions under 5321 as written:
* Rejecting the EHLO command and message because the
argument does not follow the syntax rules.
* Rejecting the EHLO command and message because the
apparent FQDN in the argument does not resolve at all in
the public DNS.
* Noticing that the EHLO argument does not resolve to
the address obtained from the connection, writing a
private-use header into the message that records that
fact, and then forwarding/delivering the message anyway.
* Noticing that the EHLO argument does not resolve to
the address obtained from the connection, delivering the
message anyway, but delivering it to a folder different
from the one that would normally be used for incoming
messages associated with the RCPT command address.
I agree with Paul that the second point is not obvious. The text above
is much clearer than the spec!
DNS/whois data has experienced a series of adjustments for the
sake of privacy and users' right to anonymity. I accept that it should
be possible for a user to send mail anonymously. However, I'd
refuse that the operators of an SMTP relay may remain anonymous. Is that a
more or less universally agreed stance?
It depends on _exactly_ how you define "SMTP relay". If it
includes submission servers, the same privacy arguments that
have been applied to senders would apply to it too.
I beg to differ. As a postmaster, I may grant anonymity to my users.
For example, I may suppress identification in the Received header.
Thus, I can be readily identifiable, e.g. via whois information, while
my users can send anonymously by altering their From header. Note that
their anonymity is only granted until a judge will want to investigate
my logs. (Since 2005, the Italian law forces "operators" to keep logs
of mail transactions for some months; in the UK, they've been
discussing this recently --it's an EU anti-terrorism determination.)
Not being an anonymous operator involves choosing an ISP that does
reverse DNS delegations, and registering a domain directly rather than
through a whois-privacy-enhanced registrar. The first step is not
always possible, which is why we had that discussion on submission
identifiers. The second step is the rule, AFAIK. Although I know that
whois queries on each incoming message would not be tolerated, what I
meant to ask is whether the recognizability implied by the EHLO
command is meant, from an ethical POV, to reject anonymous relays.
The ability
to close down or restrict traffic from servers that support
anonymous senders is equivalent to the ability to shut the
anonymous senders down.
I don't think I know what you mean. Formally, I cannot know if an SMTP
server supports anonymous senders.
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: RFC 5321bis / 2821ter, (continued)
- Re: RFC 5321bis / 2821ter, Paul Smith
- Re: RFC 5321bis / 2821ter, Hector Santos
- Re: RFC 5321bis / 2821ter, Paul Smith
- Re: RFC 5321bis / 2821ter, Hector Santos
- Re: RFC 5321bis / 2821ter, Paul Smith
- Re: RFC 5321bis / 2821ter, Alessandro Vesely
- Re: RFC 5321bis / 2821ter, John C Klensin
- Re: RFC 5321bis / 2821ter, Paul Smith
- Re: RFC 5321bis / 2821ter, David MacQuigg
- Re: RFC 5321bis / 2821ter, John C Klensin
- Re: RFC 5321bis / 2821ter,
Alessandro Vesely <=
- Re: RFC 5321bis / 2821ter, John C Klensin
- Re: RFC 5321bis / 2821ter, Alessandro Vesely
- Re: RFC 5321bis / 2821ter, Tony Finch
- Re: RFC 5321bis / 2821ter, Paul Smith
- Re: RFC 5321bis / 2821ter, Tony Finch
- Re: RFC 5321bis / 2821ter, Paul Smith
- Re: RFC 5321bis / 2821ter, Alex van den Bogaerdt
- Re: RFC 5321bis / 2821ter, Paul Smith
- Re: RFC 5321bis / 2821ter, Hector Santos
- Re: RFC 5321bis / 2821ter, John C Klensin
|
|
|