IETF Logo Mail Archive

Re: [Asrg] SPF's helo identity as a reporting target

Chris Lewis <clewis+ietf@mustelids.ca> Sun, 13 May 2012 18:03 UTC

Return-Path: <clewis+ietf@mustelids.ca>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E911421F8564 for <asrg@ietfa.amsl.com>; Sun, 13 May 2012 11:03:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.048
X-Spam-Level:
X-Spam-Status: No, score=-1.048 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TEkgytNhhWIw for <asrg@ietfa.amsl.com>; Sun, 13 May 2012 11:03:32 -0700 (PDT)
Received: from mail.mustelids.ca (unknown [174.35.130.2]) by ietfa.amsl.com (Postfix) with ESMTP id 9179B21F855D for <asrg@irtf.org>; Sun, 13 May 2012 11:03:32 -0700 (PDT)
Received: from [192.168.0.8] (otter.mustelids.ca [192.168.0.8]) (authenticated bits=0) by mail.mustelids.ca (8.14.4/8.14.4/Debian-2ubuntu2) with ESMTP id q4DI3Vph007604 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT) for <asrg@irtf.org>; Sun, 13 May 2012 14:03:31 -0400
X-DKIM: Sendmail DKIM Filter v2.8.3 mail.mustelids.ca q4DI3Vph007604
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mustelids.ca; s=default.private; t=1336932211; bh=pY5mMk8LXxnpNwDKXgMMui8t4Z8d0/c76WoO8gEqyoc=; h=Message-ID:Date:From:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=tuT8QqtQGQZPmWR/+uopFOSLqFqEhm7VflumNrBSs9KfSjkrL2jaBbubSpotuMVBK O5QJ6rXbINpyVtPN975vb0nZlY0LLnmp0FfRouplzG3OoSSRvh3Aj0z4SYqYGrlcLA shiKXFFfTPhxCZChW8dlECFzVGvw/ObhjjdiSUFU=
Message-ID: <4FAFF773.10207@mustelids.ca>
Date: Sun, 13 May 2012 14:03:31 -0400
From: Chris Lewis <clewis+ietf@mustelids.ca>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.23) Gecko/20090812 Thunderbird/2.0.0.23 Mnenhy/0.7.6.666
MIME-Version: 1.0
To: asrg@irtf.org
References: <4FA8FBCA.3050904@tana.it> <4FAE187B.9030902@tana.it> <4FAEA20F.8090302@mustelids.ca> <4FAF85D0.8050305@tana.it> <4FAFD34F.6010301@mustelids.ca> <4FAFEDA8.4090009@tana.it>
In-Reply-To: <4FAFEDA8.4090009@tana.it>
X-Enigmail-Version: 1.5pre
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [Asrg] SPF's helo identity as a reporting target
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 May 2012 18:03:33 -0000

On 12-05-13 01:21 PM, Alessandro Vesely wrote:
> On Sun 13/May/2012 18:59:23 +0200 Chris Lewis wrote:
>> On 12-05-13 05:58 AM, Alessandro Vesely wrote:
>>> On Sun 13/May/2012 11:07:45 +0200 Chris Lewis wrote:
>>>>
>>>> It would be nice if it could be made usable.
>>>>
>>>> This would tend to make a large organization having all of their servers
>>>> helo exactly the same way, which flies in the face of industry BCP (eg:
>>>> MAAWG), and even if it wasn't specifically RFC5321-illegal, clearly
>>>> violates its intent.
>>>
>>> I see nothing wrong if an organization uses the same helo name for all
>>> its mailouts.  A helo name does not have to be a label of any DNS
>>> record. 
>>
>> Uh what?
>>
>> RFC5321:
>>
>> Section 4.1.1.1:
>>
>>    These commands are used to identify the SMTP client to the SMTP
>>    server.  The argument clause contains the fully-qualified domain name
>>    of the SMTP client, if one is available.
> 
> This has been discussed so many times that we don't need to do it once
> more.  For one (John Klensin on Jan 2009):
> 
>   The 1123-imposed requirement (carried forward into Section 4.1.4
>   Paragraph 6 of 5321) that messages not be rejected on the basis
>   of a validation failure with the EHLO argument would presumably
>   remain even if we deprecated 821 and client use of HELO.
>   http://www.imc.org/ietf-smtp/mail-archive/msg05420.html

On the one hand, we have Klensin commenting on rejecting email based
upon helo validation (despite which, helo factors very heavily into
filtering anyway), versus _explicitly_ violating the RFC in a proposed
standard.

Klensin's argument doesn't apply to this proposal.  At all.

>> Yeah, I suppose you could make all your outbounds have the same name (up
>> to whatever limit DNS imposes), but clearly this violates the intent.

>> And it's also very explicitly counter to industry practises/BCP.

> I'd agree that violating intents and/or practices is not a good start.
> That seems to imply that it is necessary to use scripts to keep helo
> names, IP addresses, and SPF in sync.  Would that be worth?

The reality is going to be is that since it relies on SPF to be valid,
few people would bother implementing it on the sending side, and there
will be more than enough people ignoring the requirement to SPF verify
before trusting it, that kabooms! will still happen.

There are other ways of doing this that doesn't require ancilliary gunk
like SPF. There's at least one IP-based DNSBL that yields the same data.

v2.8.7 | Report a Bug | By Email