IETF Logo Mail Archive

Re: [Emailcore] Revisiting Issue 40 - A/S and Use of SMTP Extensions

John C Klensin <john-ietf@jck.com> Mon, 15 January 2024 19:23 UTC

Return-Path: <john-ietf@jck.com>
X-Original-To: emailcore@ietfa.amsl.com
Delivered-To: emailcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B4FD7C14F6EC for <emailcore@ietfa.amsl.com>; Mon, 15 Jan 2024 11:23:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.906
X-Spam-Level:
X-Spam-Status: No, score=-1.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MW-uNVf8Ty8f for <emailcore@ietfa.amsl.com>; Mon, 15 Jan 2024 11:23:49 -0800 (PST)
Received: from bsa2.jck.com (bsa2.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52747C14F6E8 for <emailcore@ietf.org>; Mon, 15 Jan 2024 11:23:49 -0800 (PST)
Received: from [198.252.137.10] (helo=PSB) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1rPSYk-00024H-Ij; Mon, 15 Jan 2024 14:23:46 -0500
Date: Mon, 15 Jan 2024 14:23:37 -0500
From: John C Klensin <john-ietf@jck.com>
To: Douglas Foster <dougfoster.emailstandards@gmail.com>, Michael Peddemors <michael@linuxmagic.com>
cc: emailcore@ietf.org
Message-ID: <FE420BD06C4E8F0F3DCB85F2@PSB>
In-Reply-To: <CAH48Zfzxn9K20fgDc3sbZi908Q2KET4h_1OkL18wGBqNXk645Q@mail.gmail.com>
References: <20240104171808.6E3D97FBE2B1@ary.qy> <544137da-d2fc-4655-8a1b-363190ffea6a@isode.com> <89409b6f-593d-4aae-9c89-e5b033a6845b@linuxmagic.com> <CAH48Zfzxn9K20fgDc3sbZi908Q2KET4h_1OkL18wGBqNXk645Q@mail.gmail.com>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
X-SA-Exim-Connect-IP: 198.252.137.10
X-SA-Exim-Mail-From: john-ietf@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/emailcore/V3HauHuX-HCHyYvGDnbTh6Wz2ys>
Subject: Re: [Emailcore] Revisiting Issue 40 - A/S and Use of SMTP Extensions
X-BeenThere: emailcore@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: EMAILCORE proposed working group list <emailcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emailcore>, <mailto:emailcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emailcore/>
List-Post: <mailto:emailcore@ietf.org>
List-Help: <mailto:emailcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emailcore>, <mailto:emailcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jan 2024 19:23:53 -0000

No, the future is certain.   It is actually in AUTH48 with the
RFC Editor and, I believe, would have been out of it had I not
decided to prioritize rfc5321bis... because WGLC is supposed to
end today and for the reason Rob Sayre just pointed out and to
which I responded.

So, with a bit of luck, expect draft-freed-smtp-limits to be
published as RFC 9422 late this week or early next.

best,
   john


--On Monday, January 15, 2024 13:13 -0500 Douglas Foster
<dougfoster.emailstandards@gmail.com> wrote:

> This draft:
>    https://datatracker.ietf.org/doc/draft-freed-smtp-limits/07/
> was proposed to deal with several issues, including the
> problems that occur when pipelining is used and a local Max
> Recipients limit is enforced.   The draft has not been killed,
> but it had no workgroup sponsorship so I thought its future
> was dim.
> 
> DF
> 
> On Mon, Jan 15, 2024 at 12:21 PM Michael Peddemors
> <michael@linuxmagic.com> wrote:
> 
>> On 2024-01-09 07:10, Alexey Melnikov wrote:
>> > Hi all,
>> > 
>> > On 04/01/2024 17:18, John Levine wrote:
>> >> It appears that Michael Peddemors<michael@linuxmagic.com>
>> >> said:
>> >>> Strongly disagree.. This can be a MAY, however modern
>> >>> MTA's do a lot of inline decision making, that conflict
>> >>> with PIPELINING..
>> >> I'm coming up blank here.  Can you give us an example or
>> >> two?
>> 
>> Sorry, wasn't clear that this comment may have been directed
>> to me, and rushing in a response (just got back from holidays)
>> 
>> MTA's (for instance our own, but several other MTA's allow for
>> replicating the same behavior) can explicitly reject at
>> stages like RCPT TO, and a PIPELINE would accept a string of
>> consecutive RCPT TO's, however what happens if it exceeds for
>> instance a built-in rate limiter? At that point, the MTA
>> would return a 5XX immediately, but the PIPELINE connection
>> would continue streaming commands .. and only handling the
>> responses at the end of the pipeline.
>> 
>> Much bot activity attempts to exploit this, during both SMTP
>> authentication attacks and spam attacks, as well as 'list
>> washers'.
>> 
>> By turning off PIPELINE, it is much easier to identify those
>> that try to abuse it.
>> 
>> I never said that there was anything 'wrong' with the
>> extension, only that it's importance has reduced with modern
>> speeds of the internet, and changes to how MTA"s are much
>> more 'intelligent' in the SMTP layer than in the past, and
>> have the performance to do in transaction decision making,
>> which MIGHT direct the client to stop/change its behavior,
>> contrary to a PIPELINE which will continue.
>> 
>> As such, the 'SHOULD' is no longer prudent, but an MTA 'MAY'
>> is perfectly fine..
>> 
>> 
>> 
>> > As a SMTP server and client implementor, I agree with John.
>> > This discussion didn't convince me that there is anything
>> > wrong with the PIPELINING extension, even though I agree
>> > that there are issues with specific implementations and
>> > clarifying server behaviour would help.
>> >> Keep in mind that you can pipeline MAIL FROM and RCPT TO
>> >> but you have to synchronize at DATA.
>> > 
>> > Best Regards,
>> > 
>> > Alexey
>> > 
>> > 
>> 
>> 
>> --
>> "Catch the Magic of Linux..."
>> -------------------------------------------------------------
>> ----------- Michael Peddemors, President/CEO LinuxMagic Inc.
>> Visit us at http://www.linuxmagic.com @linuxmagic
>> A Wizard IT Company - For More Info http://www.wizard.ca
>> "LinuxMagic" a Registered TradeMark of Wizard Tower
>> TechnoServices Ltd.
>> -------------------------------------------------------------
>> ----------- 604-682-0300 Beautiful British Columbia, Canada
>> 
>> This email and any electronic data contained are confidential
>> and intended solely for the use of the individual or entity
>> to which they are addressed. Please note that any views or
>> opinions presented in this email are solely those of the
>> author and are not intended to represent those of the company.
>> 
>> --
>> Emailcore mailing list
>> Emailcore@ietf.org
>> https://www.ietf.org/mailman/listinfo/emailcore
>>

v2.23.0 | Report a Bug | By Email