Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321

Sam Varshavchik <mrsam@courier-mta.com> Mon, 28 September 2020 01:52 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/HYWMGdOd2GhpYEcyY6-6aXNuFyo>

Keith Moore writes:

> I thought it was about advice to the server which is currently that the  
> server MUST NOT refuse to accept a message based on failure of EHLO argument  
> verification.
>
> My argument is that EHLO verification is, in the long run, poor practice and  
> should not be encouraged by 5321bis even if it seems like an effective spam

To me, "SHOULD NOT" is a better match for "should not be encouraged". The  
current phrasing, "MUST NOT", prohibits it.

Whether or not EHLO domain validation is prohibited, it is used in  
practice right now, and the current language in 5321 is being ignored, to  
some degree. The same language also existed in 2821, so this has been  
ignored for a while. An Internet standard that does not reflect current  
practice is not as valuable as one which does.