Re: [ietf-smtp] Quoted-Printable-8bit and downgrade

Ned Freed <ned.freed@mrochek.com> Thu, 01 April 2021 03:38 UTC

Return-Path: <ned.freed@mrochek.com>
X-Original-To: ietf-smtp@ietfa.amsl.com
Delivered-To: ietf-smtp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F2743A3ECD for <ietf-smtp@ietfa.amsl.com>; Wed, 31 Mar 2021 20:38:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mrochek.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Hei4pBzU4AbZ for <ietf-smtp@ietfa.amsl.com>; Wed, 31 Mar 2021 20:38:27 -0700 (PDT)
Received: from mauve.mrochek.com (mauve.mrochek.com [98.153.82.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1E31F3A3ECC for <ietf-smtp@ietf.org>; Wed, 31 Mar 2021 20:38:26 -0700 (PDT)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01RXBXDBYT8G00D2OO@mauve.mrochek.com> for ietf-smtp@ietf.org; Wed, 31 Mar 2021 20:33:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mrochek.com; s=201712; t=1617248002; bh=/a4HTdRGcsQTKMF0+FGHy7b+v9ROpikxEM3BKsKu5fw=; h=Cc:Date:From:Subject:In-reply-to:References:To:From; b=LnF3bevgGiSwTR0jlbhjR/nW45DCjdSuMqowURLSyZf0pnaYuOAiYxwKZPJEPk0jQ 9Z9h6doSuIlcTJpCB+nOF/Hl/yLWbQ2YtoEdiUimMoIu1VcSvQXF07GZ2NWtKxRXzZ uernYGxmrdowvVQDG2/C9tTM2vWoaD9dTQE/1qTk=
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: TEXT/PLAIN; CHARSET=us-ascii
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01RXBB2PNS5S0085YQ@mauve.mrochek.com>; Wed, 31 Mar 2021 20:33:18 -0700 (PDT)
Cc: ietf-smtp@ietf.org
Message-id: <01RXBXD99B0C0085YQ@mauve.mrochek.com>
Date: Wed, 31 Mar 2021 20:05:05 -0700 (PDT)
From: Ned Freed <ned.freed@mrochek.com>
In-reply-to: "Your message dated Wed, 31 Mar 2021 16:53:17 -0400" <91E6C645-D83A-429D-ABCC-1E5FA075888C@dukhovni.org>
References: <20210331194048.BCDE771B77F2@ary.qy> <91E6C645-D83A-429D-ABCC-1E5FA075888C@dukhovni.org>
To: Viktor Dukhovni <ietf-dane@dukhovni.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/XEeREmZwPTXKrsT88pDST0TJbOI>
Subject: Re: [ietf-smtp] Quoted-Printable-8bit and downgrade
X-BeenThere: ietf-smtp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <ietf-smtp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-smtp/>
List-Post: <mailto:ietf-smtp@ietf.org>
List-Help: <mailto:ietf-smtp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Apr 2021 03:38:32 -0000

> > On Mar 31, 2021, at 3:40 PM, John Levine <johnl@taugh.com> wrote:
> >
> > Interesting question.  I presume there are still MTAs that can do downgrades
> > but how common is it in practice?

> Postfix will do 7bit downgrade by default if the content is designated
> or detected as 8bit and the remote MTA does not advertise 8BITIME support:

>   http://www.postfix.org/postconf.5.html#disable_mime_output_conversion

So will Oracle's Messsaging Server. Whether or not this matters given the
widespread deployment of 8BITMIME is another matter. I checked my own logs just
now and in the past 3 years I couldn't find a single case where a downgrade
actually occurred.

> > It breaks DKIM signatures unless the MTA can find the signing keys and resign
> > on the fly which seems a bit much.

> For outbound mail, where the MTA/MSA is also the one doing the signing, the
> safest thing is to just downgrade all messages before signing, so that
> there's never any post-signature dynamic downgrade during delivery.  This
> can be done by passing through an internal SMTP content filter that does
> not offer 8BITMIME.  I expect most administrators don't do this.  In which
> case any submitted 8BITMIME message may get downgraded after signing.

This is trivial to do in our MTA - a single option setting, as a matter of fact.
I don't set it because I want to see if there's any downgrading to be done,
but we recommend that sites doing DKIM signing consider using it.

> Since most MUAs do quoted-printable defensively, actual downgrading at
> the MSA is rare.

Not IME. I get quite a few unencoded text/html parts.

I also see a lot of 8bit text (both plain and html), lack of non-English usage
notwithstanding. It's mostly fancy quotes, ellipses, and similar punctuation
characters, although use of emoji is steadily increasing.

And as I pointed out >30 years ago during the MIME work, there are plenty of
English words that employ diacritics. In fact in some cases diacritics are added
to imported words that originally didn't have them. 

  https://en.wikipedia.org/wiki/English_terms_with_diacritical_marks

				Ned

P.S. I have to say I find the fancy quotes quite annoying, especially when some
client decides to use them in sample code. They may look better, for some value
of "better", but compilers and validators don't much care for them.

Inline Emoji are also an issue for me because of font size - Unicode display
rules for inlined Emoji produce intricate little blobs my crappy eyes
are incapable of deciphering.