Re: [ietf-smtp] [Emailcore] Proposed ESMTP keyword RCPTLIMIT

Ned Freed <> Mon, 19 April 2021 21:43 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0FAD93A4578 for <>; Mon, 19 Apr 2021 14:43:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.199
X-Spam-Status: No, score=-0.199 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id f7TSAxSouO_4 for <>; Mon, 19 Apr 2021 14:43:18 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id A098C3A4576 for <>; Mon, 19 Apr 2021 14:43:18 -0700 (PDT)
Received: from by (PMDF V6.1-1 #35243) id <> for; Mon, 19 Apr 2021 14:38:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=201712; t=1618868294; bh=nCIv+DewqX+sM0g3kSnohiixtED+9qu6Ut9+NARtLJU=; h=Cc:Date:From:Subject:In-reply-to:References:To:From; b=liTf2JJftA3+QkupGTucr5e47+VxJU3HmJAg4nZBi01G+zAcrwpQig4xyBbiI0eOl EKzWzidu+9EvabCk2lo9u2GkeKOQoJi0xBA4ehxicIGpNGx6TLGeEEpJmTf79He/8z 9fM8e/enTiZ3dtu1PF+FarA8az4lByD//bSA9UrQ=
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Received: from by (PMDF V6.1-1 #35243) id <>; Mon, 19 Apr 2021 14:38:12 -0700 (PDT)
Cc: John Levine <>,,
Message-id: <>
Date: Mon, 19 Apr 2021 14:18:17 -0700 (PDT)
From: Ned Freed <>
In-reply-to: "Your message dated Sun, 18 Apr 2021 19:47:15 -0400" <>
References: <> <20210315234648.563C0708B340@ary.qy> <>
To: George Schlossnagle <>
Archived-At: <>
Subject: Re: [ietf-smtp] [Emailcore] Proposed ESMTP keyword RCPTLIMIT
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 19 Apr 2021 21:43:23 -0000

> As a commercial MTA and ESP provider, this proposal is very exciting to
> me.  Today we guess at these things and largely guess at things based off
> of either observed behavior or out-of-band discussion with those operating
> the receiver side of the email exchange.  Having this defined in the
> session would be great.

Thanks for the support. 

A question for you: Are there any additional limits you think are sufficiently
important, and perhaps more to the point, in some sense foundational, that they
warrant being in the base specification?

I'm especially interested in people's thoughts on rate limits. The problem I
have with rate limits is, well, how to express them. For example, a rate limit
of 10 transactions a minute is not the same as 600 transactions an hour: In the
former case it's unlikely that a sender will be allowed to bang out 600 messages
in a minute followed by 59 minutes of silence, whereas the latter allows that.

This suggests using a vulgar fraction whatever/second as a means of expressing
rate limits.

Then there's the question of what the limit applies to: Is it by IP, by
(possibly DKIM authenticated) sending domain, by a combination of both, or 
something else?

And all this glosses over the fact that there are any number of ways for
servers to determine a rate.

My personal preference would be to defer this to a subsequent specification -
one which I'm happy to coauthor and even edit, but one where I'd be a lot more
comfortable not being the sole author. But there's an argument to be made that
having a limit that's not a simple integer in the base specification would be a
good thing, in order to prevent people from making assumptions in their
implementations that turn out to be false.

A middle ground would be to put one simple rate limit, say MAILMAXRATEPERIP,
that suffices to establish minimal conventions for such things.