[Emailcore] rfc5321bis, Ticket #60, Restricted-capability clients
John C Klensin <john-ietf@jck.com> Mon, 04 April 2022 21:17 UTC
Return-Path: <john-ietf@jck.com>
X-Original-To: emailcore@ietfa.amsl.com
Delivered-To: emailcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D1203A19CE for <emailcore@ietfa.amsl.com>; Mon, 4 Apr 2022 14:17:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8bQG0zy21FS6 for <emailcore@ietfa.amsl.com>; Mon, 4 Apr 2022 14:17:14 -0700 (PDT)
Received: from bsa2.jck.com (bsa2.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B7833A19C7 for <emailcore@ietf.org>; Mon, 4 Apr 2022 14:17:13 -0700 (PDT)
Received: from [198.252.137.10] (helo=PSB) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1nbU4W-000LN1-0R for emailcore@ietf.org; Mon, 04 Apr 2022 17:17:12 -0400
Date: Mon, 04 Apr 2022 17:17:06 -0400
From: John C Klensin <john-ietf@jck.com>
To: emailcore@ietf.org
Message-ID: <35D40FD695219FC5D9D3F9EF@PSB>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-SA-Exim-Connect-IP: 198.252.137.10
X-SA-Exim-Mail-From: john-ietf@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/emailcore/XtKLDF7MezR4FUd22x8OFWT-f5k>
Subject: [Emailcore] rfc5321bis, Ticket #60, Restricted-capability clients
X-BeenThere: emailcore@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EMAILCORE proposed working group list <emailcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emailcore>, <mailto:emailcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emailcore/>
List-Post: <mailto:emailcore@ietf.org>
List-Help: <mailto:emailcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emailcore>, <mailto:emailcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Apr 2022 21:17:17 -0000
Hi. In the hope of getting things moving again (and noting that the number of messages posted about rfc5321bis since the day of the plenary appears to be zero), I thought I might have a go at this. I went back to my notes to try to be sure of what we were talking about when the text went into the spec. The first part of the story comes from there: the term is in 2821 and, modulo the "submission server" issue (and noting that RFC 2476, the first "message submission" spec was published before 2821), it is unclear why questions about it didn't come up until now if they are important to spend significant time on. While I believe the relevant text could, and should, be more clear, that history does make an argument that leaving text alone that has been unchanged for 21 years and never produced significant complaints until now would be unlikely to cause major harm. However, we did change it (see below) and that made it worse. For additional context, most of the discussions about that term have appeared to assume that it is used without context. That was not the case in 2821 and 5321. The text in both 2821 and 5321 comes from a paragraph that starts out talking about <forward-path>s and source routes. It may be worth going back and reviewing the whole paragraph (part of Section 3.3 of RFC 5321) but the specific "restricted-capability" text reads: "These restrictions make a server useless as a relay for clients that do not support full SMTP functionality. Consequently, restricted-capability clients MUST NOT assume that any SMTP server on the Internet can be used as their mail processing (relaying) site." In the process of trying to straighten out and shorten the text about source routes, I moved and rewrote that sentence and its context to read: "Historically, the <forward-path> was permitted to contain a source routing list of hosts and the destination mailbox; however, source routes are now deprecated (see Appendix F.2). Restricted-capability clients MUST NOT assume that any SMTP server on the Internet can be used as their mail processing (relaying) site." Conclusion #1: That change, and how I did it, made whatever problems that may or may not have existed worse. I obviously bear the responsibility for not getting it right, but some of the cause was the WG decision to try to clear all discussion of source routes out of the document and that should be treated as a lesson. Another issue is that this is one of the places where the "client", rather than "sender-SMTP", terminology does not help with clarity. Now, the requested explanation: A restricted-capability client (sender-SMTP) is one that does not support "full SMTP capability". That includes the ability to use MX records and maintain message queues and retrying as specified in the spec. I haven't tried to think through other possible restrictions but those two are obvious. Remembering that we did wrote RFCs 2476, 4409, and 6409 on the assumption that the "submission server" was a host that would send messages outward as either a fully-conforming sender-SMTP or, perhaps, to a "forwarder" relay that was itself a fully-conforming receiver-SMTP and then sender-SMTP (rereading RFC 6409, it is probably not be as clear about that as it should be but that is out of scope for the current discussion). In terms of the code used, it might receive those messages either as a slight-restricted receiver-SMTP (on port 587 or 25) or by a variety of other means, but that is not our problem today either. There are no provisions there for relaying messages around through a collection of systems. So, some example "restricted-capability" sender-SMTPs might include: * The sender-SMTP side of an RFC 6409-conforming submission server that forwarded to a relay rather than maintaining its own queues. As hinted above, 6409 does not appear to discuss the operation of the sender side of an MSA host. * An intra-enterprise host to which submission servers forward messages but that does not, itself, maintain queuing or MX processing but, instead, forwards to another, presumably intra-enterprise host that supports those functions and interfaces with the rest of Internet. It might or might not route messages to destinations within the enterprise, presumably using internal DNS arrangements or some other (outside the spec) mechanism. * A national or regional host in an area with poor or intermittent connectivity that might handle intra-area traffic normally but that routes traffic for external Internet destinations to a common host for processing and, as needed, queuing etc. FWIW, such "poor or intermittent connectivity" environments might easily include the Mars (or even the moon), where the advantages of transmitting messages to a host acting as an interplanetary gateway -- a host that would be completely unknown to an arbitrary destination host earthside (and hence would not appear in its MX list). In each of these cases, the sender-SMTP knows which host or hosts the message should be sent to because that information is somehow configured in, not because of the MX mechanism and that is at least part of what makes it, operationally, "restricted-capability". So, options (not mutually exclusive except for the first): (1) Leave the current text alone and move on. I _do not_ recommend this. (2) Leave the current text alone but come up with better terminology and/or get the relevant sentence(s) far away from any sentence that mentions source routes. Any suggestions for better terminology should include one or more proposed terms. Suggestions about moving it would be more welcome if they included a suggestion about where to. (3) Insert a significant portion of the above, possibly rewritten, to explain and illustrate what we are talking about. An abridged version would be fine too if people want to suggest what might be trimmed. (4) Revert the attempt to clean out source route-related language to the language and organization of 5321 on the assumption that, if the move created this problem, it is likely to have created others as well. I await comments, injections of wisdom, and other responses. john (3)
- [Emailcore] rfc5321bis, Ticket #60, Restricted-ca… John C Klensin
- Re: [Emailcore] rfc5321bis, Ticket #60, Restricte… John Levine
- Re: [Emailcore] rfc5321bis, Ticket #60, Restricte… John C Klensin
- Re: [Emailcore] rfc5321bis, Ticket #60, Restricte… Alexey Melnikov