Re: [Emailcore] Ticket #5: G.5. Remove or deprecate the work-around from code 552 to 452?
John C Klensin <john-ietf@jck.com> Thu, 11 March 2021 21:19 UTC
Return-Path: <john-ietf@jck.com>
X-Original-To: emailcore@ietfa.amsl.com
Delivered-To: emailcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 433EE3A0C5D; Thu, 11 Mar 2021 13:19:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Eoxbds6u8BAX; Thu, 11 Mar 2021 13:19:04 -0800 (PST)
Received: from bsa2.jck.com (bsa2.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 71BBF3A0C59; Thu, 11 Mar 2021 13:19:01 -0800 (PST)
Received: from [198.252.137.10] (helo=PSB) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1lKShw-00047H-4b; Thu, 11 Mar 2021 16:19:00 -0500
Date: Thu, 11 Mar 2021 16:18:54 -0500
From: John C Klensin <john-ietf@jck.com>
To: Todd Herr <todd.herr=40valimail.com@dmarc.ietf.org>, emailcore@ietf.org
Message-ID: <9A7BDB22F3A0396EF24BF91D@PSB>
In-Reply-To: <CAHej_8=deJU1CW2AzDBu5ji3Uir+_zF6Gp59Z-hHRmRipz8Osw@mail.gmail.com>
References: <ca851fda-63ac-8739-c3eb-bde725aa25f3@isode.com> <c188413b-9337-40d8-8062-9c0f58f6cd98@www.fastmail.com> <CAHej_8kHwEOmq5bf49=Tt6ZEVkuidMhy5s4XPu7JC+k22qraZg@mail.gmail.com> <CAHej_8ma-kDkVh3Oj11R5Fn6BbwJsWfFpx0Zqv61fPL35CJNUA@mail.gmail.c om> <0F2370D0-D04C-45A1-A5A1-8FF1F174FFE5@dukhovni.org> <CAHej_8=deJU1CW2AzDBu5ji3Uir+_zF6Gp59Z-hHRmRipz8Osw@mail.gmail.com>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-SA-Exim-Connect-IP: 198.252.137.10
X-SA-Exim-Mail-From: john-ietf@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/emailcore/yIMQNMWs0XD-090sngMGdEefqUE>
Subject: Re: [Emailcore] Ticket #5: G.5. Remove or deprecate the work-around from code 552 to 452?
X-BeenThere: emailcore@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EMAILCORE proposed working group list <emailcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emailcore>, <mailto:emailcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emailcore/>
List-Post: <mailto:emailcore@ietf.org>
List-Help: <mailto:emailcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emailcore>, <mailto:emailcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Mar 2021 21:19:06 -0000
--On Thursday, March 11, 2021 11:52 -0500 Todd Herr <todd.herr=40valimail.com@dmarc.ietf.org> wrote: >... >> All that said, the RFC text in question is bogus, no client I >> know of honours it. > I believe that's where we landed during the discussion on > Wednesday. What I had not done on Wednesday, or recently enough before then, was to carefully read the entirety of Section 4.5.3.1.10, which explicitly calls for the behavior someone, I think you, mentioned in a previous message, i.e., server accepts recipients up to the limit, then generates a 452 for each succeeding RCPT command. Client then continues processing with the recipients up to that point, sends the message, and then requeues the message for additional recipients. And the client is expected to treat a 552 in response to RCPT as if it were a 452. Nothing there prohibits the client from sending messages to the recipient addresses who got the 452 (or 552) one at a time or even treating the very first 452 (or 552) as an indication that it should send QUIT or RSET and start sending the message in one recipient at a time mail transactions. It also provides for the server to indicate to the client that it is just not willing to accept mail transactions with a number of recipients larger than it wants to accept with a 503 response after DATA. Up to that point, I think the text is consistent with what we have been told about current practice, including treating a 552 response code as if it were temporary. Referring back to Wednesday's discussion and slide (I believe Slide 6), the sentence highlighted is entirely consistent with current practice and probably needed to keep that practice valid. If it is in need to changing, it would be to change the SHOULD to a MUST since that appears to be what everyone is doing anyway. I personally think that would be a bad idea because we have no way of knowing about all possible cases and that change probably wouldn't accomplish anything anyway. That suggests that, if changes are needed, there are probably three of them, the first two in the third paragraph of that section ("If an SMTP server has..."), not in the first one: (1) As I have suggested elsewhere, more explanatory cross-references in this over-complicated document would be a good idea. So: OLD: If an SMTP server has an implementation limit on the number of RCPT commands and this limit is exhausted, NEW/PROPOSED: If an SMTP server has an implementation limit on the number of RCPT commands and this limit is exhausted (See Section 7.8), Comment: Section 7.8 ("Resistance to Attacks"), which explicitly mentions large numbers of recipients, is not quite right for this. More generally, we've talked informally about flexibility for "operational necessity" for years (I even used that phrase in G.1) but it does not appear elsewhere in the document. I think it would be helpful to clarity to re-title 7.8 to "Resistance to Attacks and Local Operational Requirements" (or something similar) and probably to add a sentence or two there that would indicate that attack resistance is not the only issue that might justify local restrictions. If people agree, text welcome. Alexey, I have tentatively added the above as G.15. Unless no one agrees that the above is at least worth further discussion, please make a ticket. (2) That paragraph also says that the server MUST use a 452 response code in the "too many recipients" case. I think we should be reluctant to remove the recommendation. Especially given the "look at first digit only" rule, 452 is clearly better than 552. However, if people are uncomfortable with a MUST that is generally violated, I recommend a SHOULD with an additional sentence that indicates that many implementations do not follow that recommendation. The only justification I can think of for removing the recommendation entirely would be if harm was generally caused if 452 were returned. Given the "examine first digit" rule. it is hard to imagine such harm except in implementations that are seriously broken. (3) Unless we are going to overhaul things in ways radically different from the above and unless anyone has serious objections (and raises them soon) I intend to patch Section 4 to better indicate the role of "too many recipients" codes in the scheme of things. john
- [Emailcore] Ticket #5: G.5. Remove or deprecate t… Alexey Melnikov
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Alessandro Vesely
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Alexey Melnikov
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Jeremy Harris
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Jeremy Harris
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Michael Peddemors
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Michael Peddemors
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Todd Herr
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Jeremy Harris
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Todd Herr
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Viktor Dukhovni
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Todd Herr
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… John C Klensin
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Jeremy Harris
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Viktor Dukhovni
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… John C Klensin
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Viktor Dukhovni
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… John C Klensin
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Viktor Dukhovni
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… John C Klensin
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Viktor Dukhovni
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Jeremy Harris
- [Emailcore] Proposed ESMTP keyword RCPTLIMIT Jeremy Harris
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Dave Crocker
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Jeremy Harris
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Dave Crocker
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Todd Herr
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Viktor Dukhovni
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Laura Atkins
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Dave Crocker
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Brotman, Alex
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Dave Crocker
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Michael Peddemors
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT John Levine
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Laura Atkins
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Ned Freed
- Re: [Emailcore] [ietf-smtp] Proposed ESMTP keywor… Rolf E. Sonneveld
- Re: [Emailcore] [ietf-smtp] Proposed ESMTP keywor… Ned Freed
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Alexey Melnikov
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Alexey Melnikov
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Hector Santos
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… John C Klensin
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… John C Klensin
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Hector Santos