Re: [apps-discuss] APPSDIR review of draft-melnikov-smtp-priority-13

Pete Resnick <> Tue, 29 May 2012 15:11 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 94C1D11E808E; Tue, 29 May 2012 08:11:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -105.569
X-Spam-Status: No, score=-105.569 tagged_above=-999 required=5 tests=[AWL=1.030, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Blj56CAbrSFr; Tue, 29 May 2012 08:11:28 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id E7ACD11E808A; Tue, 29 May 2012 08:11:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;; q=dns/txt; s=qcdkim; t=1338304287; x=1369840287; h=message-id:date:from:user-agent:mime-version:to:cc: subject:references:in-reply-to:content-type: content-transfer-encoding:x-originating-ip; bh=7ay6XXYcvZk3Kx+0gUNUF9f7MRMXV3R6CQOslgakY/4=; b=baGzmGSwhiyxzZbF3aD5ZT8OXX7uanonFpuX2FjH7Ri7vGuMk6azsabw S4ThVlMsSLyVt3sjM5SEPD9lvwvOook3eB84OBeskImLRnm+3/pal272j YMnWfMuAjMmCiakSShCCLdbUQ0KM6q5nsZXywN0hA7FpsBJfJWypaTtsb E=;
X-IronPort-AV: E=McAfee;i="5400,1158,6725"; a="195580995"
Received: from ([]) by with ESMTP; 29 May 2012 08:11:27 -0700
X-IronPort-AV: E=Sophos;i="4.75,677,1330934400"; d="scan'208";a="159417005"
Received: from ([]) by with ESMTP/TLS/RC4-SHA; 29 May 2012 08:11:27 -0700
Received: from Macintosh-4.local ( by ( with Microsoft SMTP Server (TLS) id; Tue, 29 May 2012 08:11:27 -0700
Message-ID: <>
Date: Tue, 29 May 2012 10:11:25 -0500
From: Pete Resnick <>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv: Gecko/20100630 Eudora/3.0.4
MIME-Version: 1.0
To: Barry Leiba <>
References: <> <>
In-Reply-To: <>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Originating-IP: []
Cc:, S Moonesamy <>,,
Subject: Re: [apps-discuss] APPSDIR review of draft-melnikov-smtp-priority-13
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 29 May 2012 15:11:28 -0000

[*Mumble* Wrong draft address again.]

On 5/21/12 6:39 PM, Barry Leiba wrote:
>>>   Message Submission Agents MUST implement a policy that only allows
>>>   authenticated users (or only certain groups of authenticated users)
>>>   to specify message transfer priorities, and MAY restrict maximum
>>>   priority values different groups of users can request, or MAY
>>>   override the priority values specified by MUAs.
>> I would have used a "SHOULD only allow authenticated users" and explain that
>> there is a policy override.  It's to get around the "MUST implement a
>> policy".
> I think I actually prefer it the way it is, because it highlights the
> key point that this is all a policy decision.  If, in fact, an
> implementation should allow a policy that everyone's considered
> authenticated, and some deployment should choose that policy, I'd be
> fine with it... because they have chosen their policy.

But then the "MUST implement a policy that only allows authenticated 
users" would be bogus, because they didn't do that.

On 5/24/12 3:30 AM, Alexey Melnikov wrote:

> I tend to agree with Barry that this should remain MUST.

To agree with SM to an extent: If it needs to be a MUST, why is it not 
"Message Submission Agents MUST only allow authenticated users..."? 
What's with the "implement a policy" thing?

I think you have to make a decision here: If you think that it harms 
things to have unauthenticated users specifying priorities, say "MUST 
only allow authenticated users". If you think that it's OK to set policy 
to allow anyone, say, "SHOULD only allow authenticated users" and 
explain that policy can change that. I have no idea how the current text 
is reasonably actionable.


Pete Resnick <>
Qualcomm Incorporated - Direct phone: (858)651-4478, Fax: (858)651-1102