Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321

Keith Moore <> Sun, 04 October 2020 18:05 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B84273A0989 for <>; Sun, 4 Oct 2020 11:05:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.109
X-Spam-Status: No, score=-2.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, NICE_REPLY_A=-0.213, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id D6yksj1syrCt for <>; Sun, 4 Oct 2020 11:05:51 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 225DD3A0983 for <>; Sun, 4 Oct 2020 11:05:51 -0700 (PDT)
Received: from compute3.internal (compute3.nyi.internal []) by mailout.west.internal (Postfix) with ESMTP id 1BC043A9 for <>; Sun, 4 Oct 2020 14:05:50 -0400 (EDT)
Received: from mailfrontend2 ([]) by compute3.internal (MEProxy); Sun, 04 Oct 2020 14:05:50 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=GFpZ+/WuMLzOcPL1wojP5dI3I0YKmTuH5cRdzqFTS DM=; b=UB4SPhSNxtFxtvLf3+di3WFGfkTNPRWNcw3clxw7EBB5YptczVqsepHED ng9Fz0GjCEuWAdAjf0eSVwRUdxrCIsjiIev2lkkFSSEywLXii71M335+99l/eNoF +LIEFg77xtQud86/EY5Kv2MBKl5jsOM5H4Fgb4Oi/E+cEgTVYiRQX4NVGQdPZCe1 8TGn7Ox6r/FqbA+vS5fAFgskFp5/jaaStZSvlsPuWRCZYs3Ap0iniy/bkv3ZP7iw uFdkR9Vfc0sgXQSxp9HYTUbCMebSLRM8stOJLfNv48gMoSgK3YhaAaN/MldccUUD HS5/tFsTjwSrhvEL2FdIBdhkX8V1w==
X-ME-Sender: <xms:-w56X_httRs_oMOttH0FpcXd3mMLqRD6pNAVyWROgahjR7mMBNbbTA> <xme:-w56X8C-ooXdZKTIUPKrca18wM6bBKYnRHke20zbPekvWkaG9_c2pN7wX_IuFtJKa bgkDv8zvcFTiA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrgedtgdduvdegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefuvfhfhffkffgfgggjtgfgsehtke ertddtfeejnecuhfhrohhmpefmvghithhhucfoohhorhgvuceomhhoohhrvgesnhgvthif ohhrkhdqhhgvrhgvthhitghsrdgtohhmqeenucggtffrrghtthgvrhhnpeehhfeutdehfe fgfefghfekhefguefgieduueegjeekfeelleeuieffteefueduueenucfkphepuddtkedr vddvuddrudektddrudehnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrg hilhhfrhhomhepmhhoohhrvgesnhgvthifohhrkhdqhhgvrhgvthhitghsrdgtohhm
X-ME-Proxy: <xmx:-w56X_EPDG4eCN13gyM_05ZqM3Vo-1da68EXR-4fS7-3gOh3CUZbLQ> <xmx:-w56X8S7hKaX3UALrPgdPYtHNMWyE60zQceumOXw6mXy3wh--73Gtw> <xmx:-w56X8zOKXS1utf813wkfugs_naV9KCCzWA8SC9A8mg4wkak4Zz62Q> <xmx:_Q56X8jeWr1cVSHnriJ6kNDJshqmGnz423mNy5fmI_bwUT9XGje-kg>
Received: from [] ( []) by (Postfix) with ESMTPA id DE7AA3064610 for <>; Sun, 4 Oct 2020 14:05:46 -0400 (EDT)
References: <20200928221602.046CE22A35B3@ary.qy> <> <> <> <>
From: Keith Moore <>
Message-ID: <>
Date: Sun, 4 Oct 2020 14:05:46 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <>
Subject: Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 04 Oct 2020 18:05:54 -0000

On 10/4/20 1:13 PM, Arnt Gulbrandsen wrote:

> But there's another aspect. Who accepts? These things are the content 
> of .procmailrc files and sieve scripts. Who has authority to accept or 
> not accept the validity of what I write in my sieve script? I believe 
> that's a local matter, out of scope for the IETF, and therefore 
> off-topic for all IETF lists. 

The rules that individuals and even enterprises use to filter their own 
incoming email is their own business, and I agree that's out-of-scope 
for IETF.

But that's not what I was talking about and I don't think that's what 
John was talking about either.   He referred to "well established 
anti-abuse metrics".   If they're well established, where are they 
documented?   I don't think it's out of scope for IETF to examine them 
or express opinions about them.