IETF Logo Mail Archive

Re: [apps-discuss] Pete Resnick's Yes on draft-ietf-appsawg-malformed-mail-10: (with COMMENT)

Ned Freed <ned.freed@mrochek.com> Wed, 27 November 2013 06:50 UTC

Return-Path: <ned.freed@mrochek.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 183221AE213; Tue, 26 Nov 2013 22:50:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.903
X-Spam-Level:
X-Spam-Status: No, score=-1.903 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VjPrbS7V7d1C; Tue, 26 Nov 2013 22:50:37 -0800 (PST)
Received: from mauve.mrochek.com (mauve.mrochek.com [66.59.230.40]) by ietfa.amsl.com (Postfix) with ESMTP id A68921AE17A; Tue, 26 Nov 2013 22:50:37 -0800 (PST)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01P19CEW2CE8001KNE@mauve.mrochek.com>; Tue, 26 Nov 2013 22:45:34 -0800 (PST)
MIME-version: 1.0
Content-type: TEXT/PLAIN; CHARSET="iso-8859-1"
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01P18HARGJGG00004G@mauve.mrochek.com>; Tue, 26 Nov 2013 22:45:29 -0800 (PST)
Message-id: <01P19CETU4PU00004G@mauve.mrochek.com>
Date: Tue, 26 Nov 2013 22:04:27 -0800
From: Ned Freed <ned.freed@mrochek.com>
In-reply-to: "Your message dated Tue, 26 Nov 2013 10:23:42 -0800" <CAL0qLwY4Zbig3pb9W41fo5ttt2FgLPyOwPxLFQFJuUTtO5D75A@mail.gmail.com>
References: <20131120223533.8958.23858.idtracker@ietfa.amsl.com> <CAL0qLwbH0e_Z-9OKNf3cJ9RpsRLK6vmnQtfj8dbZkLxmz2GaRA@mail.gmail.com> <01P14CWFCE5A00004G@mauve.mrochek.com> <5294DDEE.4070000@qti.qualcomm.com> <CAL0qLwY4Zbig3pb9W41fo5ttt2FgLPyOwPxLFQFJuUTtO5D75A@mail.gmail.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: "draft-ietf-appsawg-malformed-mail@tools.ietf.org" <draft-ietf-appsawg-malformed-mail@tools.ietf.org>, Ned Freed <ned.freed@mrochek.com>, IETF Apps Discuss <apps-discuss@ietf.org>, Pete Resnick <presnick@qti.qualcomm.com>, SM <sm+ietf@elandsys.com>, "appsawg-chairs@tools.ietf.org" <appsawg-chairs@tools.ietf.org>, The IESG <iesg@ietf.org>
Subject: Re: [apps-discuss] Pete Resnick's Yes on draft-ietf-appsawg-malformed-mail-10: (with COMMENT)
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss/>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Nov 2013 06:50:43 -0000

> My recollection of Return-Path is that there's always zero or one, and it's
> typically added at the top only during local delivery; any instance of it
> in transit is basically wrong and subject to removal.  I'll have to revisit
> this as well if that's wrong.

Apologies, I should have caught this sooner. It's zero or one per block of
Received/Resent-*/Return-path fields. So yes, you can have more than one of
them. And that means section 7.5.3 is incorrect when it asserts that a message
with more than one is invalid in the first sentence. Perhaps a change to
something like this is in order:

   While legitimate messages can contain more than one Return-Path
   header field, such usage is often an error rather that a valid
   message containing multiple header field blocks as described in
   sections 3.6 of [RFC 5322]. Accordingly, when a message containing
   multiple Return-path: header fields is encountered, all but the
   topmost one is to be disregarded, as it is most likely to have
   been added nearest to the mailbox that received that message.

I think that should cover it.

That said, I've always regarded the notion that such blocks can be reliably
distinguished as nothing but specious nonsense, and that fact that RFC 5322
doesn't contain language recommending against such usage as a problematic
aspect of that specification.

The problem is fundamental: Aside from the dependency of Return-path: fields on
Received: fields (but not vice versa), all of the fields in one of these blocks
are optional. And all the rules only say that fielde must be prepended; they
say nothing about which of the various fields in a given block have to be
prepended first. It is therefore perfectly valid in a one step MSA/MDA situation
to prepend Return-path: first, then Received:, then Resent-*. Or any other
order, and that plus the optionality of all the field creates a situation where
there is no way to determine the boundaries between blocks with any degree of
relability. 

It follows that if you expect the recipient of your message to be able to
consume such information reliably it's a really good idea to remove all
instances of these fields other than your own on submission.

But all this goes far beyond the scope of the present draft, which is 
concerned with malformed mail, and as Pete correctly points out, messages
containing multiple Return-path: fields may be ill-advised but are not
necessarily malformed. Although in practice a lot of them are, because another
thing that happens frequently is that when messages are resent all Received:
fields are removed (because if you don't your mail tends to get caught by loop
checks) but the Return-path: fields are retained. And that's then a malformed
message according to the rules.

				Ned

P.S. I claim no special insight into any of this. Marshall Rose patiently
explained this issue to me many years ago.

v2.23.0 | Report a Bug | By Email