Re: [apps-discuss] APPSDIR review of draft-melnikov-smtp-priority-13

S Moonesamy <sm+ietf@elandsys.com> Thu, 31 May 2012 20:33 UTC

Return-Path: <sm@elandsys.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F27421F86B2; Thu, 31 May 2012 13:33:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.535
X-Spam-Level:
X-Spam-Status: No, score=-102.535 tagged_above=-999 required=5 tests=[AWL=0.064, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7lC5qEMjt2s2; Thu, 31 May 2012 13:33:54 -0700 (PDT)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id EAF5821F869C; Thu, 31 May 2012 13:33:53 -0700 (PDT)
Received: from SUBMAN.elandsys.com ([41.136.232.179]) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id q4VKXYFO027412 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 31 May 2012 13:33:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1338496428; i=@elandsys.com; bh=oIV4kqywToVeYxk3sre5mmrCZt2jcBu1IMSxqE0Ge8Q=; h=Date:To:From:Subject:Cc:In-Reply-To:References; b=N3Qf+D/7bBCDcVQfHSRdpoIcp5x5WRwyKoDUaro5IGirTQfiq2uJBfc8CO4YMOfAs drfwnGHqenwwt11M7rEV8/VnsfN+XL5bPGS2ChADS87P+p7FdhboVncAVcjILsd9AI 8i3XGzm+8MVLc5vqclQc5uYQj6vIApZYTD9/l0/o=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=elandsys.com; s=mail; t=1338496428; i=@elandsys.com; bh=oIV4kqywToVeYxk3sre5mmrCZt2jcBu1IMSxqE0Ge8Q=; h=Date:To:From:Subject:Cc:In-Reply-To:References; b=HrNtAWpP0F6vl3lzNA+1LYI8Z0GbfIMyeJ5j2K4K2ffi4NrWF5A4x8Cptlbk92MIz 5eGgQujPh6jKmtNFlVYywKTRkajLAU7P+cZXGjYqpK09fm681KWsOhf32m47eUmHOZ 84TSlc19V1zKqvHTPu8GRD12yda02+P8Uu/P0Pqo=
Message-Id: <6.2.5.6.2.20120531123528.093c3048@elandnews.com>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Thu, 31 May 2012 13:10:58 -0700
To: Alexey Melnikov <alexey.melnikov@isode.com>
From: S Moonesamy <sm+ietf@elandsys.com>
In-Reply-To: <4FC78CCF.9050800@isode.com>
References: <6.2.5.6.2.20120521130747.0c219ab0@elandnews.com> <CALaySJKfcWZYEDeR9_WaLxDM9O-gzwV2cgER0iZRB4Ovy=YOBA@mail.gmail.com> <4FC4E574.6000408@qualcomm.com> <4FC653E0.9000404@isode.com> <6.2.5.6.2.20120530103804.095aedf8@elandnews.com> <4FC78CCF.9050800@isode.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: Pete Resnick <presnick@qualcomm.com>, draft-melnikov-smtp-priority.all@tools.ietf.org, Barry Leiba <barryleiba@computer.org>, iesg@ietf.org, apps-discuss@ietf.org
Subject: Re: [apps-discuss] APPSDIR review of draft-melnikov-smtp-priority-13
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 May 2012 20:33:57 -0000

Hi Alexey,
At 08:22 31-05-2012, Alexey Melnikov wrote:
>I am not entirely sure what you are suggesting.

"authenticated or trusted senders" allows you to cover the range of 
cases such as POP3-before-SMTP, SMTP AUTH, IP-based authorization, etc.

>Most certainly, yes :-).

As you picked (b) and (c), I'll suggest text (I reused some text from Barry):

   Allowing authenticated or trusted senders, or only certain groups of
   senders, to specify a message transfer priority when a message is
   submitted through a MSA or relayed through a MTA is a matter of site
   policy.  As part of this policy, they can restrict maximum priority values
   that different groups of senders can request and can override the priority
   values specified.

   In the absence of such a policy an SMTP server (whether a MSA or a MTA)
   implementing this SMTP extension is susceptible to a Denial of Service
   attack.  For example, malicious clients (MUAs/MSAs/MTAs) can try to abuse
   this feature by always requesting Priority 9.

I removed the second paragraph of Section 10.

Regards,
S. Moonesamy