
Re: [ietf-smtp] DSNs

2020-04-25 17:41:38

--On Saturday, April 25, 2020 14:46 -0700 Dave Crocker
<dhc(_at_)dcrocker(_dot_)net> wrote:

First, I meant whether the feature worked, for whatever
reason.  If operational policy prohibits its use, then it
doesn't work.

Dave, I think this is where either your comments are still not
clear (at least to me) or we disagree.

Suppose there were correspondents, or even domains, for which I
have found read receipts useful and something I'm willing to let
them use.  So, because of them, I advertise the availability of
that feature in the EHLO response.  When the MAIL command comes
along and doesn't contain that domain or mailbox, I reject the
request.  Now, which mailboxes or domains to accept is an
operational decision, but the behavior, AFAICT, is fully
conforming and it certainly doesn't mean that the feature doesn't
work, just that I have an operational policy prohibiting its use
in most circumstances.  The security vulnerabilities of that
particular policy are obvious but, if I were to tighten them up
to require the identity of the sender be proven to my
satisfaction, it wouldn't change the analysis.

That exactly becomes particularly striking in the case of read
receipt-type MDNs because, even if the delivery MTA advertises
the feature and accepts the request, all it can do then is to
pass the request on to the receiving MUA because only it knows
whether the message was read (maybe a message body retrieval
request to an IMAP server would be an adequate approximation,
maybe not).  Now there is an end user operational policy issue:
"do I allow a read receipt to be sent to a particular sender?".
That user may have any operational policy he or she fancies,
including ones ranging from sending receipts only to messages whose
bodies have verifiable signatures to sending receipts only for
messages that arrive between 10AM and 4PM on alternate Tuesdays
and ignoring all others.  Again, that doesn't have anything to
do with the feature not working.

Your statement above (at least as I interpreted it) would
clearly be true (and the feature not workable for policy
reasons) if operational policies were consistent all across the
Internet, probably including uses of SMTP over VPNs or SDNs, and
those policies never allowed the feature to be used, but
counterexamples have already been given to any possible
assertion that the policy condition is globally true.


ietf-smtp mailing list
