[Top] [All Lists]

Re: [ietf-smtp] Endless debate on IP literals

2020-01-01 13:34:28
On Wed, 1 Jan 2020, Keith Moore wrote:
In my mind the question is: how to explain to ordinary operators, administrators, IoT device vendors, etc. how to make this work well?    If someone is developing an IoT device that needs to send mail, what is that device required to do, what configuration options should it offer, etc.?

A BCP for submission configuration advice wouldn't be a bad idea. I don't think it needs to be very complicated but you're right that stuff that seems obvious to us is not to other people. I don't know much about embedded environments but I think we could suggest some best practices, e.g., if the recipient needs the IP address of the sending device, put it in the message and don't depend on recovering it from the envelope or From header.



p.s. I somehow doubt that we should recommend authentication based only on IP address at any level, though.    That's poor practice even for a small network that assigns static IP addresses to all of its hosts.   More broadly there's a widespread misconception that isolated networks are not subject to security threats or that perimeter defenses are sufficient to protect them,

It sounds like you may be conflating "authenticated" and "good". The point of authenticating submissions is so that you know where they're coming from, and you're not an open relay for every random hostile host in the world, not that you know it's mail the recipient wants. A device can be compromised or just have a bug and suddenly decide that it has 86,400 overdue update messages it needs to send right now through its 100% authenticated submission channel. That's why submission servers need sanity checks on the mail they handle.
ietf-smtp mailing list