Re: Last Call: draft-klensin-rfc2821bis

Douglas Otis <dotis@mail-abuse.org> Sun, 23 March 2008 06:05 UTC

From: Douglas Otis <dotis@mail-abuse.org>
To: John C Klensin <john-ietf@jck.com>
Subject: Re: Last Call: draft-klensin-rfc2821bis
Date: Sat, 22 Mar 2008 23:02:30 -0700
Cc: Mark Andrews <Mark_Andrews@isc.org>, ietf list <ietf@ietf.org>

On Mar 20, 2008, at 3:30 PM, John C Klensin wrote:

>
>
> --On Friday, 21 March, 2008 09:03 +1100 Mark Andrews
> <Mark_Andrews@isc.org> wrote:
>
>> 	I think Doug is saying don't let domains with just AAAA
>> 	records be treated as valid RHS of email.  Today we
>> 	have to add records to domains with A records to say that
>> 	these are not valid RHS of email.  With MX synthesis
>> 	from AAAA you create the same problem for domains with
>> 	AAAA records.
>>
>> 		user@<A record owner>
>> 		user@<MX record owner>
>> 		user@<AAAA record owner>  * don't allow this.
>
> Mark, Doug,
>
> With the understanding that this is just my personal opinion (as  
> editor, I'll do whatever I'm told) _and_ that I'm personally  
> sympathetic to phasing out even the A record implicit MX...
>
> It seems to me that 2821bis is the wrong place to try to fix this,  
> especially via a comment posted well after the _second_ Last Call  
> closed.   The current phrasing is not an oversight. It was  
> explicitly discussed on the mailing list and this is the behavior  
> that people decided they wanted.


John,

In the past you had made several comments that RFC2821bis would not  
change SMTP, and that you had also stated AAAA records were NOT  
defined as SMTP server discovery records.  (Not in those words of  
course.)  It does not appear this change was your choice, but  
nonetheless and surprisingly this unfortunate change is now being made.

The "update" of RFC2821 is making a _significant_ architectural change  
to SMTP by explicitly stating AAAA records are within a list of SMTP  
server discovery records.  This change represents a poor architectural  
choice since this _will_ increase the burden on networks being spoofed  
by abusive email.  Due to high levels of abuse, confirming validity of  
email domains by checking for discovery (A and MX) records in the  
forward DNS zone often replaces an alternative of checking PTR records  
in the in-addr.arpa reverse DNS zone.  The reverse zone suffers from  
poor maintenance where its use creates a sizeable burden for  
recipients.  RFC2821bis now adds AAAA records to a list of records  
that must be checked to disqualify public SMTP server domains within  
the DNS forward direction.  This change adds to the transactional  
burdens already headed in the wrong direction.  It would seem a sound  
architectural change would be to deprecate A records as a means to  
qualify domains for message acceptance, but RFC2822bis adds AAAA  
records instead.  This situation becomes considerably worse when  
domain tree walking or wildcards are then preferred over checks  
against discovery records.

It was not my intention to post this after last call, but this only  
came to my attention recently.  For that I am sorry, nevertheless this  
issue may deserve greater consideration.

-Doug
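
Added example, not part of the message above or of any draft text: a small model of the forward-DNS check the message describes, in which a receiver accepts a sender domain only if it owns an SMTP discovery record. It compares the record lists under RFC 2821 (MX, then A), under 2821bis (MX, then A, then AAAA) and under an MX-only policy, and counts the lookups needed before a domain can be disqualified. The function names, policy names and zone data are hypothetical and constructed for illustration, no real DNS queries are made, and the sequential A-then-AAAA order is an assumption.

```python
# Constructed sample zone (documentation names and addresses, not real DNS data):
# owner name -> {record type: [rdata, ...]}
ZONE = {
    "mail.example":     {"MX": ["10 mx1.mail.example"]},
    "www-only.example": {"A": ["192.0.2.10"]},
    "v6-only.example":  {"AAAA": ["2001:db8::10"]},
    "spoofed.example":  {},  # forged sender domain with no records at all
}

# Fallback record types consulted after MX under each policy (hypothetical names).
RFC2821 = ("A",)            # implicit MX from A only
RFC2821BIS = ("A", "AAAA")  # AAAA added to the discovery list
MX_ONLY = ()                # implicit MX dropped entirely

def qualify_sender_domain(domain, zone, fallback_types):
    """Return (accepted, basis, queries_issued) for one sender domain."""
    queries = []
    for rtype in ("MX",) + tuple(fallback_types):
        queries.append(rtype)  # each record type costs one forward lookup
        if zone.get(domain, {}).get(rtype):
            basis = "MX" if rtype == "MX" else "implicit MX from " + rtype
            return True, basis, queries
    # Every listed type came back empty: only now can the domain be rejected.
    return False, None, queries

def disqualification_cost(domain, zone):
    """Lookups spent per policy before the domain is accepted or rejected."""
    policies = {"rfc2821": RFC2821, "rfc2821bis": RFC2821BIS, "mx-only": MX_ONLY}
    return {name: len(qualify_sender_domain(domain, zone, types)[2])
            for name, types in policies.items()}

if __name__ == "__main__":
    for name in ZONE:
        for label, types in (("2821", RFC2821), ("2821bis", RFC2821BIS),
                             ("mx-only", MX_ONLY)):
            print(name, label, qualify_sender_domain(name, ZONE, types))
```

In this model the forged domain costs one lookup to reject under the MX-only policy, two under RFC 2821 and three under 2821bis, and the AAAA-only name becomes an acceptable right-hand side only under 2821bis.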









