ietf-smtp
[Top] [All Lists]

Re: draft-daboo-srv-email

2010-01-07 23:46:44

Cyrus Daboo wrote:


Hi Tony,

--On January 5, 2010 6:49:16 PM +0000 Tony Finch <dot(_at_)dotat(_dot_)at> 
wrote:

A few comments on draft-daboo-srv-email:

Just to update everyone on the status of this draft - there are a whole bunch of comments pending from the original review of this last year. I have been waiting for the SRV registry spec to be updated following the heated debates at the end of last year which came to resolution at the meeting in Japan. Once that spec is out I will revise srv-email document. The other major point was having srv-email say very little itself about certificate verification, and instead refer to <http://tools.ietf.org/html/draft-saintandre-tls-server-id-check-02>. It would be nice if that spec could have an explicit example of verification where SRV was used to get the server hostname.



This draft appears like a practical and simple proposal. I just added a SRV record for our winserver.com email domain.

_pop3._tcp              SRV     0 1 110 pop3.winserver.com.

A few comments:

1) Mail Pickup

I guess overall if I read the specs right, a MUA would do at least four (4) lookups? Assuming, there is a client design preference to checked for a secured host first, the order would be:

    _pop3s._tcp.winserver.com
    _imap3s._tcp.winserver.com
    _pop3._tcp.winserver.com
    _imap._tcp.winserver.com

And no decision can be made until all four are determined to allow for user selection idea. IOW, four queries MUST be made. Since this would normally be a one time thing, it doesn't present any high volume DNS overhead issue. +1.

2) What about outgoing?

Are MX records considered the solution?

Using GMAIL as an example, I think it only allows IMAP for receiving and SUBMIT (port 587) for sending. So wouldn't a SRV record be useful for the case where SMTP is used for outgoing when the incoming uses IMAP?

--
Sincerely

Hector Santos
http://www.santronics.com

<Prev in Thread] Current Thread [Next in Thread>