ietf-smtp
[Top] [All Lists]

Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321

2020-09-28 07:04:30


On 28 Sep 2020, at 11:38, Keith Moore <moore(_at_)network-heretics(_dot_)com> 
wrote:

On 9/28/20 4:38 AM, Laura Atkins wrote:

Do you think if the wording in the RFC is changed that established behavior 
will change? That the SMTP servers will be reconfigured to stop doing what 
they are doing?

I think most operators will not bother to change their existing practices 
if/when the RFC wording changes.  

That’s what I thought. 

But if the RFC recommends poor practice, it will be harder to change that 
poor practice, because some people will say "but the RFC says...!"   So the 
RFC should not recommend poor practice.

What is your evidence that it is poor practice? 

If, OTOH, the RFC recommends NOT filtering based on EHLO arguments, then it 
will be at least a bit easier for operators to stop doing that when they 
start seeing that it's a bad idea.

What is your evidence that it’s a bad idea?

I'm thinking long term here.   I expect 5321bis, if we do our jobs right, to 
be around for decades.   So its recommendations need to make sense in the 
long term rather than the short term.

That presumes that your recommendation makes sense and that allowing any random 
NATed machine to connect to the internet and send mail is a good thing. I think 
we have ample evidence that this is actually an abuse vector and a bad thing. 
What changes do you see happening that will make this currently good practice 
become a bad one. 

It doesn't actually bother me that much if existing operators filter based on 
EHLO validation as long as they re-evaluate that policy over time.   I expect 
operators to be pragmatists.   But I really do expect use of NAT64 to 
increase, and I really think it's unhelpful to network operators if reliable 
email operation requires them all to maintain static IPv4 addresses and 
connections to the public IPv4 Internet.   It's silly for email to delay a 
transition away from IPv4 for this reason.

Can you explain this use case in more detail? 

laura 

-- 
Having an Email Crisis?  We can help! 800 823-9674 

Laura Atkins
Word to the Wise
laura(_at_)wordtothewise(_dot_)com
(650) 437-0741          

Email Delivery Blog: https://wordtothewise.com/blog     







_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp
<Prev in Thread] Current Thread [Next in Thread>