IETF Logo Mail Archive

Re: [apps-discuss] Review of: draft-ietf-appsawg-nullmx-00

Hector Santos <hsantos@isdg.net> Tue, 25 February 2014 19:30 UTC

Return-Path: <hsantos@isdg.net>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 11AE21A01F4 for <apps-discuss@ietfa.amsl.com>; Tue, 25 Feb 2014 11:30:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.301
X-Spam-Level:
X-Spam-Status: No, score=-99.301 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VMbqD6JwD47x for <apps-discuss@ietfa.amsl.com>; Tue, 25 Feb 2014 11:30:45 -0800 (PST)
Received: from ntbbs.santronics.com (pop3.winserver.com [208.247.131.9]) by ietfa.amsl.com (Postfix) with ESMTP id 1B0CE1A0186 for <apps-discuss@ietf.org>; Tue, 25 Feb 2014 11:30:44 -0800 (PST)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=3557; t=1393356641; h=Received:Received: Received:Received:Message-ID:Date:From:Organization:To:Subject: List-ID; bh=NrH9xdtN2FE9j8SFlpWKDBRfF8A=; b=YforfkeDkbPgoKQcFv5z GCPcjdYFC2by9esDPOTqh3QqLFbglHHVfvL18z+CALitILt1Uh7z1xPzy+PtMPEo X/gnKhaCVaDGfk+CJ0DyO0vj46b6yLAx2pcsKiM4F5StCHDI7FMzJWKPvfK0x08P uXAWe+GjaJNDvFc1rp4q+Hs=
Received: by winserver.com (Wildcat! SMTP Router v7.0.454.4) for apps-discuss@ietf.org; Tue, 25 Feb 2014 14:30:41 -0500
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=pass policy=all author.d=isdg.net asl.d=beta.winserver.com;
Received: from opensite.winserver.com (beta.winserver.com [208.247.131.23]) by winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 2639101525.17582.5924; Tue, 25 Feb 2014 14:30:40 -0500
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=3557; t=1393356004; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=2rWr4Gs W3GE6NJloZxccdR5XxyQWOyVL95oRVfYOpM0=; b=s7uZ+yCh/vjXRAGfOzx3kt+ uX4R4j25qpD0VIvum6EYwTef0zKOpcIsSM9A1P8BHBcasCGkJRKdIMw9sj/xRtkf lfHyqIu++bG5jcpWFtPJ9FE6jGak9QgnMVBr4fSjHnxHnsRspszxkc9EOaxqHA1o E3TxR+kTIFlzeTdMTfA4=
Received: by beta.winserver.com (Wildcat! SMTP Router v7.0.454.4) for apps-discuss@ietf.org; Tue, 25 Feb 2014 14:20:04 -0500
Received: from [192.168.1.2] ([99.121.4.27]) by beta.winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 2085383303.9.6580; Tue, 25 Feb 2014 14:20:03 -0500
Message-ID: <530CEF60.5020409@isdg.net>
Date: Tue, 25 Feb 2014 14:30:40 -0500
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: dcrocker@bbiw.net, "Murray S. Kucherawy" <superuser@gmail.com>
References: <20140215090319.9948.37708.idtracker@ietfa.amsl.com> <530561F9.6070205@dcrocker.net> <CABuGu1rkzxqPSNsDM2VcPOKmg4r4W0Bdy=YhCad2YE47QLR3PQ@mail.gmail.com> <53060AAD.6010601@dcrocker.net> <CAL0qLwbfTWFubxT08VXmewYExHFDT5sHFi6EnGN5BozxF0K5SQ@mail.gmail.com> <53076630.2080306@dcrocker.net> <CAL0qLwZU1KUZt2m+1qpPcTMygfsoCKxMNokEfOY8qu2zJejXoA@mail.gmail.com> <5307AFC7.6070103@dcrocker.net>
In-Reply-To: <5307AFC7.6070103@dcrocker.net>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/apps-discuss/zVKrst8KKHCSKlrJKq18Z5QM1m4
Cc: draft-ietf-appsawg-nullmx.all@tools.ietf.org, IETF Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] Review of: draft-ietf-appsawg-nullmx-00
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss/>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Feb 2014 19:30:51 -0000

At the end of the day, this is a proposed optimization and enhancement 
to the MX record protocol handling logic.  On the publishing side, it 
can ultimately change/add new protocol rules and guidelines:

   - Mail Domains MUST have MX preference non-zero values (PREF != 0)
   - Non-Mail Domains SHOULD have MX preference zero values (PREF == 0)

For PREF!=0, the MUST is best to avoid NULL MX compliant systems 
skipping mail deliveries.  If we allow a SHOULD, then the domain is 
open to false positive mail non-deliveries.

For PREF==0, a SHOULD allows the outbound mail framework to decide how 
to best handle the mail delivery; a) by supporting this NULL MX 
proposal which will short circuit the delivery attempt and/or b) 
supporting the "Status Quo" of continuing to attempt to connect to 
what is probably a non-existing server.

A domain declaring a MX with PREF == 0 could be declaring to the mail 
client world to avoid connecting to this host, but this waste and 
redundancy overhead is absorb in modern systems and thus is a 
non-issue for the most part.   In our system, the domain will be 
permanently blocked after all attempts have been exhausted. It takes 
operator intervention to remove this auto-pilot block -- a rare 
procedure.  So while the idea sounds simple, it may not be a simple 
implementation nor simple deployment (turning it on for updates).

But it is an optimization to the MX logic and should be described as 
such avoiding the highly subjective reasonings dealing with mail 
filtering, anti-spam, reputation, etc.

-- 
HLS



On 2/21/2014 2:57 PM, Dave Crocker wrote:
> On 2/21/2014 10:43 AM, Murray S. Kucherawy wrote:
>> On Fri, Feb 21, 2014 at 6:44 AM, Dave Crocker <dhc@dcrocker.net
>> <mailto:dhc@dcrocker.net>> wrote:
>>
>>     Except that 'authorized' is the essential point, to distinguish
>> between
>>     legitimate uses and spoofing, etc. uses.  The word 'legitimate'
>> doesn't
>>     work well here. So 'authorized' seems the next closes.
>>
>>     There are three essential problems with the original wording.
>> The first
>>     is that domains don't 'send' mail. Also the word 'send' is frankly
>>     ambiguous in its own right here. And lastly is that the
>> stricture needs
>>     to cover keep the domain name out of a number of different fields.
>>
>>
>> My problem is that "SHOULD NOT be authorized for use" is a concept that
>> exists entirely inside the ADMD creating the content; it points to
>> something that's not subject to interoperability.  "SHOULD NOT be
>> used",
>> by contrast, is something that a receiver can evaluate.
>
> We've all locked into some interesting linguistic challenges, though
> they seem to be getting cast in terms of a kind of email protocol
> challenge.
>
> To start:  I'm not trying to change any existing email standards and
> don't think the current topic will do that.,
>
> Rather, I'm trying to do two other things.  One is to distinguish
> between activities authorized by the domain owner, versus those
> outside of the owner's control.  And then to suggest proscription of
> what the domain owner authorizes for use.
>
> Simply put:  If one publishes a NULL MX for the name, one shouldn't
> use that domain for an email address anywhere.  (Tony's language was
> good for that I think.)  And I've no idea whether should or must
> should be used -- and don't much care.
>
> But the linguistic wrinkle is that those nasty spoofers are sitting
> out there, getting in the way of generic language like "should not be
> used".
>
> d/
>
>

v2.23.0 | Report a Bug | By Email