Re: [ietf-smtp] Fwd: [dispatch] Forced SMTP redirects

John C Klensin <john-ietf@jck.com> Fri, 10 July 2020 04:01 UTC

Return-Path: <john-ietf@jck.com>
X-Original-To: ietf-smtp@ietfa.amsl.com
Delivered-To: ietf-smtp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 615B03A0BF4 for <ietf-smtp@ietfa.amsl.com>; Thu, 9 Jul 2020 21:01:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4j1tRCVEb18J for <ietf-smtp@ietfa.amsl.com>; Thu, 9 Jul 2020 21:01:08 -0700 (PDT)
Received: from bsa2.jck.com (ns.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89FFA3A0BF2 for <ietf-smtp@ietf.org>; Thu, 9 Jul 2020 21:01:08 -0700 (PDT)
Received: from [198.252.137.10] (helo=PSB) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1jtkDi-000Eg5-RB; Fri, 10 Jul 2020 00:01:06 -0400
Date: Fri, 10 Jul 2020 00:01:00 -0400
From: John C Klensin <john-ietf@jck.com>
To: E Sam <winshell64@gmail.com>, ietf-smtp@ietf.org
Message-ID: <6AEA7D44C8037B32BC1F3810@PSB>
In-Reply-To: <CAKFo7w=MJBt0FdnCcOZCXZWdkd6Jinv4TqwdpefdoaCncbZH3Q@mail.gmail.com>
References: <CAKFo7wkawgk-Yj676kE5MqK8XuebuArMexH-eOdq_Uo7ijdimQ@mail.gmail.com> <20200710015947.0BE2D1C78A2F@ary.qy> <CAKFo7w=MJBt0FdnCcOZCXZWdkd6Jinv4TqwdpefdoaCncbZH3Q@mail.gmail.com>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-SA-Exim-Connect-IP: 198.252.137.10
X-SA-Exim-Mail-From: john-ietf@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/wMSOaEGei6Ach4QnOaz3trO0Lx8>
Subject: Re: [ietf-smtp] Fwd: [dispatch] Forced SMTP redirects
X-BeenThere: ietf-smtp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <ietf-smtp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-smtp/>
List-Post: <mailto:ietf-smtp@ietf.org>
List-Help: <mailto:ietf-smtp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Jul 2020 04:01:10 -0000

Hi.

Well, I largely agree with John Levine except for a bit of
history that just proves his point.   Many years ago, at sort of
the dawn of SMTP and at least in the environments I was working
in, the use of 251 and 551 was fairly common, as was the use or
VRFY to check out addresses.  Over the years, all three fell
into disuse as John says.  Especially for the former two, that
happened at least as much due to concerns about a variety of
attacks as about information disclosure.  Section 7.5 for RFC
5321 at least hints at the problem: if, as an SMTP-sender, I get
a 557 or 558 (or a 551), I'd better be really sure that the
system returning that code is authoritative for the addresses in
question.  That gets especially complicated when there is a
multihop relay chain and, especially if the practice of opening
the outgoing connection before the incoming one has completed,
one cannot tell with any certainty where the report came from.

Also remember that SMTP encourages, nay requires, that if an
SMTP-sender gets back a reply code it does not recognize, it is
required to ignore anything but the first digit.  That predicts
a fairly hard road at this point for new codes that are intended
to convey subtle information.

Agreeing with John that the underlying problems are not ones
that new codes will solve and hence that the likelihood of
acceptance and wide enough deployment to make this useful are
low, two suggestions:

(1) Stick with 551 but add extended codes that reflect exactly
what you want and the distinctions you are trying to make.
There may still be little adoption, but I believe (after not
much thought) that the chances of harm are lower.

(2) Expand your Security Considerations section (or some other
section) to consider a broader range of possible attacks and
configurations.  For example, if encryption is only hop-by-hop,
any server that has been compromised seriously enough to tell a
client to rewrote a message probably has access to the plaintext
in any sort of pipelining situation and likely some others.  An
analysis of what happens if the server generates these codes and
the client interprets them as simply 5yz (as suggested above)
and whether that would cause harm would be in order.  Similarly,
suppose

   SubmissionServer -> MTA1 -> MTA2 -> DeliveryMTA

Now, let's assume MTA2 is an enterprise server with a list of
forwarding addresses delivering only virus-checked messages with
valid addresses to DeliveryMTA  (a plausible situation in
today's world).  So it generates a 557 code.  As I read your
draft (perhaps too quickly) you expect MTA1 to forward/resend
the message to the [new] correct address.  But, if it does, what
is it going to tell the submission server (if anything)
especially if it, having received the message and agreed to pass
it on, has already returned a 250 code and gotten QUIT in
return.   That takes us into NDN/DSN territory with all of the
issues associated with those messages, in this case probably
with a need to authenticate them end-to-end.

best,
   john




--On Thursday, July 9, 2020 22:47 -0400 E Sam
<winshell64@gmail.com> wrote:

> Hello all,
> See the below email chain - I thought it would be a good idea
> to send this to the ietf-smtp mailing list as well.
> 
> Thanks
> 
> ---------- Forwarded message ---------
> From: John Levine <johnl@taugh.com>
> Date: Thu, Jul 9, 2020 at 9:59 PM
> Subject: Re: [dispatch] Forced SMTP redirects
> To: <dispatch@ietf.org>
> Cc: <winshell64@gmail.com>
> 
> 
> I'd suggest reposting this to the ietf-smtp list where people
> who've been around a lot longer than I have can explain why
> nobody implements 551 redirects (and as far as I can tell,
> nobody ever did) and there is assigning a different response
> code won't change that. It may seem like a good idea, but
> turns out not to work in practice.
> 
> FWIW I looked through the last seven months of my mail
> server's logs and the total number of 551 responses is zero.
> 
> R's,
> John
> 
> PS: There have been some attempts at setting up
> change-of-address services where you can register old and new
> addresses, so mail servers could query them after getting a
> 550, and they never went anywhere either.
> 
> See US Patents 6,654,789, 6,892,222, and 7,080,122.
> 
> On the other hand, a lot of mail systems now let users keep
> their addresses after they leave, ranging from ISPs like
> Comcast and Spectrum to universities who turn student
> addresses into alumni addresses. They let you forward the
> mail, or you can add it to the list of accounts your MUA
> checks, or either or both.
> 
> 
> 
> 
> In article
> <CAKFo7wkawgk-Yj676kE5MqK8XuebuArMexH-eOdq_Uo7ijdimQ@mail.gmai
> l.com> you write:
>> Hello everyone,
>> 
>> 
>> I have published a new internet-draft that might be of
>> interest.
>> 
>> 
>> As always, its on the Datatracker:
>> 
>> https://datatracker.ietf.org/doc/draft-sam-smtp-redirects/
> 
> _______________________________________________
> ietf-smtp mailing list
> ietf-smtp@ietf.org
> https://www.ietf.org/mailman/listinfo/ietf-smtp