ietf-smtp
[Top] [All Lists]

Re: [ietf-smtp] DSNs

2020-04-18 18:10:45


--On Saturday, April 18, 2020 21:06 +0000 John Levine
<johnl(_at_)taugh(_dot_)com> wrote:

In article <29104A0F-B9ED-4CD7-99B3-5A042375C68B(_at_)dukhovni(_dot_)org>,
Viktor Dukhovni  <ietf-smtp(_at_)ietf(_dot_)org> wrote:
On Apr 10, 2020, at 5:04 AM, Claus Assmann
<ietf-smtp(_at_)esmtp(_dot_)org> wrote:

On Thu, Apr 09, 2020, John R Levine wrote:

Oh, RFC 3461.  Agreed, it's basically an SMTP level web
bug.  Nobody implements that.

sendmail implemented it too (more than 20 years ago?). I
guess it should read "nobody enables/uses it"?

And likewise Postfix also implements RFC3461.  It is on by
default. I turn it off on inbound edge systems, and ignore
remote "DSN" on outbound edge systems.  That way, any DSNs
are sent within either my or the remote ADMD, but not across
ADMD boundaries. ...

I meant that nobody sends positive DSNs.  You're right, we get
lots of DSN bounces.

But, fwiw, I occasionally (very rarely) request delivery and/or
read receipts and sometimes (especially for the former) get
responses and get them in DNS form.  It may not be common, but
terms like "nobody" are a little strong.

And that brings me back to what I think are the key questions as
far as some potential WG that looks at 5321/5322 updates and
maybe their relationship to other email specs:

(1) Are DSNs implemented broadly enough that it is reasonable to
claim that the spec is good enough to allow interoperability?
Because RFC 3461 met the interoperability criteria for Draft
Standard 17 years ago, I think the only basis for claiming the
answer to that question is not "yes" would be the discovery of
some horrible problem in the specification that, if known, would
have produced a "no" answer when 3461 was reviewed and approved.

(2) Have they been deployed sufficiently to demonstrate that
they are perceived of as useful by at least some of the people
some of the time.  Noting that the requirements for full
standard do not distinguish between good and evil users, the
number of DNS requests --especially for read acknowledgments-- I
see in a month seems to make the case even if I don't choose to
have those acknowledgements sent back out.

(3) Have the specification or the feature proven sufficiently
problematic that we should be moving to deprecate RFC 3461
and/or the specifications that depend on it and/or update it?  I
haven't heard that argument yet.

And that leads to a question that I think is quite separate from
the above:

(4) Are DNSs sufficiently problematic under various conditions
that have been observed in the current world that we would
recommend that at least some of them not be used -- and requests
for them either rejected or ignored -- unless they are
accompanied by some mechanism that allows verification of the
legitimacy of the requestor and request and/or that the reply is
actually a response to a request and requestor.  Unless the
answers to some of those questions require changes to the DSN
spec(s) themselves, it seems to me they are matters for an
applicability statement about when and how DSNs should be used
(or not used) and not about the DNS specs.

Anyway, that is my analysis after reflecting on the recent
thread.  YMMD, of course.

best,
   john




_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp