ietf-smtp
[Top] [All Lists]

Re: [ietf-smtp] IETF Policy on dogfood consumption or avoidance - SMTP version

2019-12-27 12:05:48
On Fri 27/Dec/2019 18:35:22 +0100 John C Klensin wrote:
--On Friday, December 27, 2019 11:18 -0500 Keith Moore wrote:
On 12/27/19 4:13 AM, Alessandro Vesely wrote:

If users send out mail using the domain's MTA —as they
should

While this would be convenient, I'm not sure it's justified.
Sure, it's easier to do that with modern UAs than it used to
be, but I've seen several UAs that preferred one submission
server over others.   I've also seen environments that tried
to force outgoing mail to a specific submission server.

This might be an item for a "best email practices" RFC.  
But email usage is incredibly diverse.   I suspect we need
an alternative way for users to authenticate their mail than
to expect them to submit using their domain's submission
server.

FWIW, and speaking just as an individual rather than as editor,
I completely agree with Keith.  In addition, as long as many
domains do not support email services themselves but instead
either outsource the services and encourage their users to find
a large public (and free) mail provider, and many of those
providers make no attempt to authenticate those who sign up for
their services, it is not clear what "using the domain's MTA"
actually means.


I'd be tempted to define a domain's MTA after authentication methods, e.g.
having the mailout IP address listed in the domain's SPF record, or using the
domain's private DKIM key to sign outgoing messages.  However, the line quoted
above implied just letting the domain admins know at least the metadata of what
users send using the domain's name.

Users of free-mail providers may have privacy objections.


Best
Ale
-- 

































_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp

<Prev in Thread] Current Thread [Next in Thread>