ietf-smtp

Re: Mail Data termination

2011-08-20 09:14:28

John C Klensin wrote:


--On Wednesday, August 17, 2011 17:23 +0000 John Levine
<johnl(_at_)taugh(_dot_)com> wrote:

How does the 'discard' action of RFC5617 (DKIM ADSP) fit into
this picture? Although RFC5321 and RFC5617 operate on
different protocol layers, in real life the two are often
intertwined by way of MTA milter callouts during SMTP DATA
phase.
For people who choose to implement ADSP (and you know how I
feel about that), I think it's fair to say that it operates at
a layer above SMTP.

Please also note that 5321 says, very explicitly, that a server
may make all sorts of exceptions to a close reading of the rules
to protect itself from attacks.  I'm not going to quote the
section number again -- the authors of several entries in this
long thread need to go back and read that spec again.  If one
views DKIM with ADSP as a necessary attack-prevention mechanism,
provisions of 5321 that seem contradictory are irrelevant.

I'm not sure which way to read your comment, but I don't see a contradiction.

The essential and common, general, NEW design consideration is the continued evolution of advanced mail integration by performing payload analysis in the DATA state in order to do three things:

   - Accelerate what would be the same result if it was accepted always and
     processed after the session was added,

   - Eliminate/reduce the problematic Accept/Bounce Exploits, and

   - the "Throw Away" idea does not conform very well with the 1986
     US ECPA provisions for "User Expectations" that the long
     tradition of online and also SMTP mandating a rejection notification
     adheres to.

From a product liability standpoint, to avoid censorship claims, the direction to provide the rejection notice during the SMTP session solves two major issues: keeping with User Expectation notification guidelines and reducing the serious Accept/Bounce Mail attacks.

I have always held the position that this debate and many others are centered around two basic modes of operation that people use and that SMTP needs to work under: older original styles of always accepting the payload and newer styles of tighter integration with the backend and dynamic processing of the payload. With an operator's mindset of the older styles, ADSP would be a NON-SMTP concept. But the PAYLOAD is part of SMTP, so I don't agree with the concept.

--
Sincerely

Hector Santos
http://www.santronics.com
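
The three dispositions compared in the message above (reject during the session, accept then bounce, accept then throw away), modelled as an added example that is not part of the original post or of any MTA's code. The mode names, the `Session` fields and the reply texts are assumptions, and `payload_ok` stands in for whatever DATA-phase check (such as an ADSP lookup) the server runs.

```python
from dataclasses import dataclass

@dataclass
class Session:
    client_ip: str   # host actually connected to us
    mail_from: str   # envelope sender: unauthenticated, may be forged
    rcpt_to: str

def dispose(mode: str, s: Session, payload_ok: bool) -> dict:
    """Return the end-of-DATA reply and who learns about a refusal.

    mode (hypothetical names): 'reject-in-session',
    'accept-then-bounce' or 'accept-then-discard'.
    """
    if payload_ok:
        return {"reply": "250 2.0.0 OK", "stored": True, "notified": []}
    if mode == "reject-in-session":
        # Refusal travels back over the open connection; no new mail is created.
        return {"reply": "550 5.7.1 Message refused by policy",
                "stored": False, "notified": [f"client {s.client_ip}"]}
    if mode == "accept-then-bounce":
        # Session already ended with 250; a DSN is later mailed to MAIL FROM.
        return {"reply": "250 2.0.0 OK", "stored": False,
                "notified": [f"DSN to {s.mail_from}"]}
    if mode == "accept-then-discard":
        # Sender saw 250 and nobody is ever told the message was dropped.
        return {"reply": "250 2.0.0 OK", "stored": False, "notified": []}
    raise ValueError(f"unknown mode: {mode}")

def backscatter(result: dict) -> bool:
    """True when the refusal creates new mail to an unverified address."""
    return any(n.startswith("DSN to ") for n in result["notified"])

# Constructed session: the envelope sender is not the connecting party.
SAMPLE = Session("192.0.2.10", "bystander@example.org", "user@example.net")

if __name__ == "__main__":
    for mode in ("reject-in-session", "accept-then-bounce",
                 "accept-then-discard"):
        r = dispose(mode, SAMPLE, payload_ok=False)
        print(f"{mode:20} reply={r['reply'][:3]} "
              f"notified={r['notified']} backscatter={backscatter(r)}")
```

Only the in-session rejection both tells the real submitter and avoids sending a bounce to an address that may never have sent the message.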

