IETF Logo Mail Archive

Re: [Emailcore] Revisiting Issue 40 - A/S and Use of SMTP Extensions

Douglas Foster <dougfoster.emailstandards@gmail.com> Mon, 15 January 2024 18:14 UTC

Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: emailcore@ietfa.amsl.com
Delivered-To: emailcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 786FFC14F708 for <emailcore@ietfa.amsl.com>; Mon, 15 Jan 2024 10:14:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yUV1Td3keNtn for <emailcore@ietfa.amsl.com>; Mon, 15 Jan 2024 10:14:13 -0800 (PST)
Received: from mail-lf1-x12c.google.com (mail-lf1-x12c.google.com [IPv6:2a00:1450:4864:20::12c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 27FF7C14F70A for <emailcore@ietf.org>; Mon, 15 Jan 2024 10:14:13 -0800 (PST)
Received: by mail-lf1-x12c.google.com with SMTP id 2adb3069b0e04-50ea9e189ebso10191406e87.3 for <emailcore@ietf.org>; Mon, 15 Jan 2024 10:14:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1705342451; x=1705947251; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=c+VixpxUqEmK6XsMnWqE9u8fjFNx+9p07p2oeFTezA4=; b=hly/Y1Khko48eyS0WPVznLIjlQJRK91gmtWMYl1jfjarxX+7WWqRv0HFe6D8UskA04 ZcTz5Zth7bwvBKwdQ5TO+Nz5LJgZ+V/G48tVjD13q2rl4/fCKiEE/WeLxFum2GAxBGpj Huwl7ubibyJ8411wz+FC1w+t5YyL4VahQXeUJtnBi79QIWM4bat5Uv4cYwBVXTurYYei hukq0m6emLiBclI16IwIecvjqaqHrvWXRVkVDbrzYsILzl6CjVLRvyn14jPQuSpkKq1F mPZtpYl/y/1Ng2Uc1ci0QL6shq5ZGtEL0EEIW5TTz+TuZKb8BVmrGHHwOt1HeIIDqLKk QMhA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705342451; x=1705947251; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=c+VixpxUqEmK6XsMnWqE9u8fjFNx+9p07p2oeFTezA4=; b=uDd0HL+GTEzcI6TwK55HFtwc59UuSmb39eDIQm0fDtM5EFHYRCNQ1s9371m+6bjdaQ M5QmaCJIDhhl9JwUq+/Bum7U2MiH5ilk/HbmvTRsDrO2sFvs6i0tlVuR5WL0w8T/+wHH ysBKHyzP4nhhtD97gx/SwSRRBlEwoAbxfCPHrkPDJWSjGzKB5sr6vAI57XI84XY28d5A NswTuVYhtKYOCgAiwrmrjNO8n5X4tDCAeliEa4OwMz+3joWEJi5ai3vUsoQv8Mh1ZMXb 3vrhsjfNZkbGlJ2CEbVh6flJJzJmueq7sph2HKjIxJFKlM6H4luxMNp3puhfgnimGaSN V92A==
X-Gm-Message-State: AOJu0YyCGZ1WBhju4cLHIoPfOFvC+Kcd6TbRQB2FOGxH561gxCbJKrYP rjH2dXyBRCKUrwGS7saTzllBaVAdFkADnOb++hlhwCGvdqQ=
X-Google-Smtp-Source: AGHT+IGuR3vLjhnMhWLkEYXuUZzab8qGCj/F2wYkN4e5894uRAiV9rbIjv+SnlNZJWXhDSKJqkrWIEFUaZpxN8lE7Zg=
X-Received: by 2002:ac2:4e03:0:b0:50b:d763:fe52 with SMTP id e3-20020ac24e03000000b0050bd763fe52mr2662692lfr.109.1705342450971; Mon, 15 Jan 2024 10:14:10 -0800 (PST)
MIME-Version: 1.0
References: <20240104171808.6E3D97FBE2B1@ary.qy> <544137da-d2fc-4655-8a1b-363190ffea6a@isode.com> <89409b6f-593d-4aae-9c89-e5b033a6845b@linuxmagic.com>
In-Reply-To: <89409b6f-593d-4aae-9c89-e5b033a6845b@linuxmagic.com>
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Mon, 15 Jan 2024 13:13:59 -0500
Message-ID: <CAH48Zfzxn9K20fgDc3sbZi908Q2KET4h_1OkL18wGBqNXk645Q@mail.gmail.com>
To: Michael Peddemors <michael@linuxmagic.com>
Cc: emailcore@ietf.org
Content-Type: multipart/alternative; boundary="00000000000002b7a8060efffbf5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/emailcore/NVGcd_WqDduqBU21GfIaxk3D-cY>
Subject: Re: [Emailcore] Revisiting Issue 40 - A/S and Use of SMTP Extensions
X-BeenThere: emailcore@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: EMAILCORE proposed working group list <emailcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emailcore>, <mailto:emailcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emailcore/>
List-Post: <mailto:emailcore@ietf.org>
List-Help: <mailto:emailcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emailcore>, <mailto:emailcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jan 2024 18:14:17 -0000

This draft:
   https://datatracker.ietf.org/doc/draft-freed-smtp-limits/07/
was proposed to deal with several issues, including the problems that occur
when pipelining is used and a local Max Recipients limit is enforced.   The
draft has not been killed, but it had no workgroup sponsorship so I thought
its future was dim.

DF

On Mon, Jan 15, 2024 at 12:21 PM Michael Peddemors <michael@linuxmagic.com>
wrote:

> On 2024-01-09 07:10, Alexey Melnikov wrote:
> > Hi all,
> >
> > On 04/01/2024 17:18, John Levine wrote:
> >> It appears that Michael Peddemors<michael@linuxmagic.com>  said:
> >>> Strongly disagree.. This can be a MAY, however modern MTA's do a lot of
> >>> inline decision making, that conflict with PIPELINING..
> >> I'm coming up blank here.  Can you give us an example or two?
>
> Sorry, wasn't clear that this comment may have been directed to me, and
> rushing in a response (just got back from holidays)
>
> MTA's (for instance our own, but several other MTA's allow for
> replicating the same behavior) can explicitly reject at stages like RCPT
> TO, and a PIPELINE would accept a string of consecutive RCPT TO's,
> however what happens if it exceeds for instance a built-in rate limiter?
> At that point, the MTA would return a 5XX immediately, but the PIPELINE
> connection would continue streaming commands .. and only handling the
> responses at the end of the pipeline.
>
> Much bot activity attempts to exploit this, during both SMTP
> authentication attacks and spam attacks, as well as 'list washers'.
>
> By turning off PIPELINE, it is much easier to identify those that try to
> abuse it.
>
> I never said that there was anything 'wrong' with the extension, only
> that it's importance has reduced with modern speeds of the internet, and
> changes to how MTA"s are much more 'intelligent' in the SMTP layer than
> in the past, and have the performance to do in transaction decision
> making, which MIGHT direct the client to stop/change its behavior,
> contrary to a PIPELINE which will continue.
>
> As such, the 'SHOULD' is no longer prudent, but an MTA 'MAY' is
> perfectly fine..
>
>
>
> > As a SMTP server and client implementor, I agree with John. This
> > discussion didn't convince me that there is anything wrong with the
> > PIPELINING extension, even though I agree that there are issues with
> > specific implementations and clarifying server behaviour would help.
> >> Keep in mind that you can pipeline MAIL FROM and RCPT TO but
> >> you have to synchronize at DATA.
> >
> > Best Regards,
> >
> > Alexey
> >
> >
>
>
> --
> "Catch the Magic of Linux..."
> ------------------------------------------------------------------------
> Michael Peddemors, President/CEO LinuxMagic Inc.
> Visit us at http://www.linuxmagic.com @linuxmagic
> A Wizard IT Company - For More Info http://www.wizard.ca
> "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
> ------------------------------------------------------------------------
> 604-682-0300 Beautiful British Columbia, Canada
>
> This email and any electronic data contained are confidential and intended
> solely for the use of the individual or entity to which they are addressed.
> Please note that any views or opinions presented in this email are solely
> those of the author and are not intended to represent those of the company.
>
> --
> Emailcore mailing list
> Emailcore@ietf.org
> https://www.ietf.org/mailman/listinfo/emailcore
>

v2.23.0 | Report a Bug | By Email