********** Models for Mail Handling Systems ****** Rev.1 24-Jan-08
A/B Roles A and B both played by the same Actor
--> Direction of mail flow (no relationship implied)
==> Direct relationship between Actors (e.g. a contract)
~~> Indirect relationship (e.g. both directly related to Recipient)
Simple Setup with four Actors:
|---- Sender's Network -----| |-- Recipient's Network -|
/
Sender(s) ==> MSA/Transmitter --> / --> Receiver/MDA ==> Recipient
/
Border
Simple Forwarding is quite common:
|-------- Recipient's Network ---------|
/
--> / --> Receiver/Forwarder ~~> MDA ==> Recipient
/
Border
Chain Forwarding should be discouraged:
|------------ Recipient's Network ------------|
/
--> / --> Receiver ~~> Forwarder(s) ~~> MDA ==> Recipient
/
Border
Open Forwarding must be banned:
/ / |-- Recipient's Network -|
--> / --> Forwarder --> / --> Receiver/MDA ==> Recipient
/ /
Border Border
******************************************************************
Responsibilities assigned to each role - Rev. 0
Sender
- Originate messages
- Provide a password or other means of authentication
MSA - Mail Submission Agent
- Authenticate the Sender
- Manage Sender accounts
Transmitter
- Spam Prevention
- rate limits, content analysis, alerts
- respond to spam reports
- maintain reputation
- Authentication
- RFC compliance
- IP authorization (SPF, SID, CSV, ...)
- signatures & key management (DKIM ...)
Receiver
- Block DoS
- Authenticate Transmitter|Sender
- HELO, Return Address, Headers, Signature
- reject forgeries
- Assess reputation
- whitelist reputable Senders
- Filter spam
- Add authentication headers
- Manage Recipient accounts/options
- whitelisting, blacklisting, filtering, blocking, forwarding
- Process spam reports
Forwarder
- Authenticate upstream Agent
- Set up forwarding to downstream Agent
- check RFC compliance
- set up authentication records
- submit forwarding request, wait for approval
- Manage Recipient accounts
- maintain database of forwarding addresses
- suspend account when a message is rejected
- communicate w Recipient re " "
- Maintain reputation as a trusted Forwarder
- certifications
MDA - Mail storage and Distribution Agent
- Authenticate upstream Agent
- Sort and store messages
- Provide access for Recipients
- POP3, IMAP, Webmail
- Manage Recipient accounts/options
- Relay spam reports to Receiver (or don't accept them)
Recipient
- Set up accounts with each Agent in the MRN
- Select options in each account
- Report spam to Receiver
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=89691405-22545c
Powered by Listbox: http://www.listbox.com