Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321

John R Levine <johnl@taugh.com> Sun, 27 September 2020 15:04 UTC

Date: 27 Sep 2020 11:04:49 -0400
Message-ID: <9ad77523-9c98-2249-d01c-80ecc6a96fa@taugh.com>
From: "John R Levine" <johnl@taugh.com>
To: "Keith Moore" <moore@network-heretics.com>, ietf-smtp@ietf.org
In-Reply-To: <198daf90-b3dd-de01-88a0-e9d961feddda@network-heretics.com>
References: <20200927052221.E0A1A21D3A2D@ary.qy> <198daf90-b3dd-de01-88a0-e9d961feddda@network-heretics.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/084wjiyCqZVz_04WUsBilTY5MQY>
Subject: Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321

On Sun, 27 Sep 2020, Keith Moore wrote:
> For example, should the standard insist that client SMTPs have and use an 
> outgoing IPv4-capable interface any time the server SMTP is reached (directly 
> or indirectly) via IPv4?   Or should client SMTPs be forced to use 
> IPv6-to-IPv4 SMTP relays rather than NAT64?    Should we have to keep 
> maintaining a public IPv4 network indefinitely (or at least until IPv6 is 
> globally ubiquitous)?
>
> To me NAT64 seems like an essential tool for transitioning to IPv6 and one 
> quite often chosen by carriers, and I don't see the benefit in adding 
> complexity to the SMTP signal chain  (with the consequent degradation of 
> reliability)  just to preserve this rule.

This seems backward to me.  Keeping in mind that upwards of 90% of all 
mail is spam, and reliable spam signals are valuable, we know from 
experience that real mail servers have static addresses and matching 
forward and reverse DNS.  Anything that comes from a dynamic or NAT pool 
is invariably spam from a botnet.

Small mail servers send and receive on the same address, so if they're 
going to work on IPv4 at all, they need a static v4 address.  Large 
providers do NAT64 for their customers, but that's not where they put 
their mail servers (or any servers that need an A record.)  They have a 
chunk of static v4 space for that, and that's where they put their 
outgoing mail hosts, too.

Also remember that mail hosts don't need a lot of address space. I've 
seen estimates of the total number of SMTP hosts in the 100,000 range.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
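
Added example, not part of the original message: a forward-confirmed reverse DNS check of the kind the message treats as a spam signal (PTR lookup on the client address, then forward lookup of each returned name). The lookup functions and DNS data are constructed samples using documentation addresses; a receiving server would pass in real resolver calls instead.

```python
import ipaddress

# Constructed sample DNS data (documentation ranges, example names).
PTR = {
    "192.0.2.25": ["mail.example.net."],
    "198.51.100.77": ["pool-77.dyn.example.org."],
    "2001:db8::25": ["MX6.example.net."],
}
FWD = {
    "mail.example.net": ["192.0.2.25"],
    "pool-77.dyn.example.org": [],                    # PTR exists, no A record
    "mx6.example.net": ["2001:0db8:0:0:0:0:0:25"],    # same address, long form
}


def sample_ptr(ip):
    """Hypothetical PTR lookup backed by the constructed table above."""
    return PTR.get(ip, [])


def sample_fwd(name):
    """Hypothetical A/AAAA lookup backed by the constructed table above."""
    return FWD.get(name, [])


def fcrdns(client_ip, ptr_lookup=sample_ptr, fwd_lookup=sample_fwd):
    """Return (verdict, confirmed_name) for a connecting client address.

    verdict is "pass" when some PTR name resolves back to the client,
    "no-ptr" when there is no reverse record, and "mismatch" otherwise.
    """
    addr = ipaddress.ip_address(client_ip)       # normalises v4/v6 spelling
    names = [n.rstrip(".").lower() for n in ptr_lookup(str(addr))]
    if not names:
        return ("no-ptr", None)
    for name in names:
        for candidate in fwd_lookup(name):
            try:
                # Compare parsed addresses, not strings, so that different
                # textual forms of one IPv6 address still match.
                if ipaddress.ip_address(candidate) == addr:
                    return ("pass", name)
            except ValueError:
                continue                          # ignore malformed records
    return ("mismatch", None)
```
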