Re: [ietf-smtp] Endless debate on IP literals
Keith Moore <moore@network-heretics.com> Wed, 01 January 2020 19:47 UTC
Return-Path: <moore@network-heretics.com>
X-Original-To: ietf-smtp@ietfa.amsl.com
Delivered-To: ietf-smtp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD67212004A for <ietf-smtp@ietfa.amsl.com>; Wed, 1 Jan 2020 11:47:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4FpbHEDu_XjS for <ietf-smtp@ietfa.amsl.com>; Wed, 1 Jan 2020 11:47:52 -0800 (PST)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4131112001A for <ietf-smtp@ietf.org>; Wed, 1 Jan 2020 11:47:52 -0800 (PST)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id 7CF7B2232A; Wed, 1 Jan 2020 14:47:51 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Wed, 01 Jan 2020 14:47:51 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=YcarAg Pp/vErTBXUypRE1/P7cL4tsUBgcRPhWDnmd24=; b=Ulk1LkkhvZaxBl7RkA8JOH AH8/D5/CGHk5bWNC0Yx4U5+Y3iUDnluAjEqVoTeI1AhOm7zBXjp9laNvAs/2MahR L+SkUfmc8kcUfRD4j+ZWbv1sjyQ4QB6uwjnb1TCGtc79nWE3yCQmkDEuWWcLGEP5 SMHrrWFOtumHp6Ez2zNPRYJddMRhB1+4uVUCLFX50MhbnFx8hnCrrnXGTZlqB3Ax 7vgpBwbrIMoiJbcyImapPlz+HGb0XKXXrnmm8NKQsRBBGW+t6TsrBjbGjwmTFUF2 trZ1QDl7Qc/In1heUc36Q+mzCPtcdFJSJAdJe77ZhTJXFecbYfgLRwxfYAG3mb8w ==
X-ME-Sender: <xms:ZvcMXluCc31OPBkjlvu5TI0MmUda48YFB1ptb0Nn6PhRPR3YwvLryw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedrvdefledguddvlecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurhepuffvfhfhkffffgggjggtsegrtd erredtfeejnecuhfhrohhmpefmvghithhhucfoohhorhgvuceomhhoohhrvgesnhgvthif ohhrkhdqhhgvrhgvthhitghsrdgtohhmqeenucfkphepuddtkedrvddvuddrudektddrud ehnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmohhorhgvsehnvghtfihorhhkqdhhvghr vghtihgtshdrtghomhenucevlhhushhtvghrufhiiigvpedt
X-ME-Proxy: <xmx:Z_cMXhtLrnunfQ1dMMICbfJof8cPujZnzDyThlLq_Wf590V-3EzvfQ> <xmx:Z_cMXiPAXtC64kLeFHZzCJVvmMrBlFC2JSNaZcjxn1fV3HcIy6IO1w> <xmx:Z_cMXn28nL3t0sJaV1eKTKyDs7UbBDctwIeL_veXhaaw3xh7TPWTgw> <xmx:Z_cMXk5la6divgoP9RK8hBdCWuSaNhuzVSagYyl2RglSwAKA-SiyqA>
Received: from [192.168.1.97] (108-221-180-15.lightspeed.knvltn.sbcglobal.net [108.221.180.15]) by mail.messagingengine.com (Postfix) with ESMTPA id 7A1CD8005B; Wed, 1 Jan 2020 14:47:48 -0500 (EST)
To: ietf-smtp@ietf.org
References: <20200101183846.38F7811E2E72@ary.qy> <64f30fa9-ab2a-fe48-f324-426ed48b7091@network-heretics.com> <alpine.OSX.2.21.99999.374.2001011410220.53128@ary.qy>
From: Keith Moore <moore@network-heretics.com>
Message-ID: <6825655b-12c5-6fdc-7119-44646923bda9@network-heretics.com>
Date: Wed, 01 Jan 2020 14:47:47 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0
MIME-Version: 1.0
In-Reply-To: <alpine.OSX.2.21.99999.374.2001011410220.53128@ary.qy>
Content-Type: multipart/alternative; boundary="------------264CFC9D730F6AA2F229007F"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/ntILVaFzeBCAhDqpzUXXDwLDWpY>
Subject: Re: [ietf-smtp] Endless debate on IP literals
X-BeenThere: ietf-smtp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <ietf-smtp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-smtp/>
List-Post: <mailto:ietf-smtp@ietf.org>
List-Help: <mailto:ietf-smtp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jan 2020 19:47:54 -0000
On 1/1/20 2:34 PM, John R Levine wrote: > >> p.s. I somehow doubt that we should recommend authentication based >> only on IP address at any level, though. That's poor practice even >> for a small network that assigns static IP addresses to all of its >> hosts. More broadly there's a widespread misconception that >> isolated networks are not subject to security threats or that >> perimeter defenses are sufficient to protect them, > > It sounds like you may be conflating "authenticated" and "good". The > point of authenticating submissions is so that you know where they're > coming from, and you're not an open relay for every random hostile > host in the world, not that you know it's mail the recipient wants. A > device can be compromised or just have a bug and suddenly decide that > it has 86,400 overdue update messages it needs to send right now > through its 100% authenticated submission channel. That's why > submission servers need sanity checks on the mail they handle. I was specifically thinking two things: (1) In general, it's a Bad Idea to promote source IP address checks as a form of authentication for anything - not because it's never good enough for any purpose at all, but because a lot of people won't do the threat analysis and/or impose additional measures (like switches that do address checking) to make it reliable even for the purpose they have in mind. So "IP source address authentication is bad, mmmkay?" is probably more effective than trying to explain exactly under what conditions it might be marginally acceptable. (2) It's cheap and trivially easy these days to build a tiny, stealthy device that static configs its source address, operates for hours or maybe days from a small battery, connects to local Ethernet or WiFi, and does whatever kind of disruption its creator wants - whether that's sending out faked messages that something's on fire, or sending malware to anywhere that the submission server will allow, or whatever. There are lots of kinds of authentication, including challenge-response based on hashes of simple passwords, that I'd find perfectly acceptable in such an environment if managed correctly. But even in such a relatively unsophisticated environment I don't think "authentication" based on anything that's exposed on the wire is good enough. So no use of source IP addresses, no use of cleartext passwords, etc. Keith
- [ietf-smtp] Possible cont4ibution to moving forwa… John C Klensin
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… John C Klensin
- Re: [ietf-smtp] Possible cont4ibution to moving f… John C Klensin
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Possible cont4ibution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… John C Klensin
- Re: [ietf-smtp] Possible cont4ibution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Possible cont4ibution to moving f… Jeremy Harris
- Re: [ietf-smtp] Possible cont4ibution to moving f… Alessandro Vesely
- Re: [ietf-smtp] Possible contiibution to moving f… John C Klensin
- Re: [ietf-smtp] Possible contiibution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Possible contiibution to moving f… John C Klensin
- Re: [ietf-smtp] Possible contribution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Possible contribution to moving f… John C Klensin
- Re: [ietf-smtp] Possible contribution to moving f… S Moonesamy
- Re: [ietf-smtp] Possible cont4ibution to moving f… Barry Leiba
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… John Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… John Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… John R Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… Laura Atkins
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Laura Atkins
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Laura Atkins
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals John Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… Hector Santos
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- [ietf-smtp] It's not about IP-Literals, its about… Hector Santos
- Re: [ietf-smtp] Endless debate on IP literals John C Klensin
- Re: [ietf-smtp] Endless debate on IP literals John R Levine
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Jeremy Harris
- Re: [ietf-smtp] Endless debate on IP literals John R Levine
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals John R Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… John Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible contribution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Possible contribution to moving f… Keith Moore
- Re: [ietf-smtp] SMTP client certs John Levine
- Re: [ietf-smtp] Endless debate on IP literals John Levine
- Re: [ietf-smtp] Possible contribution to moving f… Richard Clayton
- Re: [ietf-smtp] Possible contribution to moving f… John Levine
- Re: [ietf-smtp] Possible contribution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Possible contribution to moving f… Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals John R Levine
- Re: [ietf-smtp] Endless debate on IP literals Viktor Dukhovni
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals John Levine
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Possible contribution to moving f… Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals John Levine
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals Viktor Dukhovni
- Re: [ietf-smtp] Endless debate on IP literals Alessandro Vesely
- Re: [ietf-smtp] Possible contribution to moving f… Hector Santos
- Re: [ietf-smtp] Possible contribution to moving f… Hector Santos
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Hector Santos
- Re: [ietf-smtp] Endless debate on IP literals Hector Santos
- Re: [ietf-smtp] Endless debate on IP literals John R Levine
- Re: [ietf-smtp] Possible contribution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Hector Santos
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- Re: [ietf-smtp] Possible contribution to moving f… John C Klensin
- Re: [ietf-smtp] Possible contribution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Arnt Gulbrandsen
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Possible contribution to moving f… Keith Moore
- Re: [ietf-smtp] Possible contribution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible contribution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible contribution to moving f… John C Klensin
- Re: [ietf-smtp] Possible contribution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… John Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… John Levine
- Re: [ietf-smtp] Possible contribution to moving f… Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Ned Freed
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Ned Freed
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- [ietf-smtp] lounging around Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals John R Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] lounging around John Levine
- Re: [ietf-smtp] Endless debate on submission auth… John Levine
- Re: [ietf-smtp] lounging around John Levine
- Re: [ietf-smtp] lounging around Keith Moore
- Re: [ietf-smtp] lounging around Dave Crocker