IETF Logo Mail Archive

Re: IETF Policy on dogfood consumption or avoidance - SMTP version

Hector Santos <hsantos@isdg.net> Thu, 19 December 2019 17:18 UTC

Return-Path: <hsantos@isdg.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8DCEE120917 for <ietf@ietfa.amsl.com>; Thu, 19 Dec 2019 09:18:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net header.b=NVFfZEpb; dkim=pass (1024-bit key) header.d=beta.winserver.com header.b=mO8qPrFm
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c79v_gcgP-lM for <ietf@ietfa.amsl.com>; Thu, 19 Dec 2019 09:18:56 -0800 (PST)
Received: from mail.winserver.com (ntbbs.winserver.com [76.245.57.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B7EA120930 for <ietf@ietf.org>; Thu, 19 Dec 2019 09:18:55 -0800 (PST)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=3334; t=1576775932; atps=ietf.org; atpsh=sha1; h=Received:Received:Received:Received:Message-ID:Date:From: Organization:To:Subject:List-ID; bh=L9BW6VYIRIAccZ73i2yWsqzaJJs=; b=NVFfZEpby23uO16yLKYwG/LSZHGtuy9GIwm6YD9Vvom3F0Iwq39GhO6uLmVGjn kdtb8i93RHHVDSlegcIgUCJTIRIQVepQmtKTKsDM/5+iMzT4gZtKCu40zAdzv3FL Js8WKQ6SPZQuSJerabiGoGkHBWLpRqrcs6UTz2jXw2+uw=
Received: by winserver.com (Wildcat! SMTP Router v8.0.454.9) for ietf@ietf.org; Thu, 19 Dec 2019 12:18:52 -0500
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; dmarc=pass policy=reject author.d=isdg.net signer.d=beta.winserver.com (atps signer);
Received: from beta.winserver.com ([76.245.57.74]) by winserver.com (Wildcat! SMTP v8.0.454.9) with ESMTP id 388313313.42331.6232; Thu, 19 Dec 2019 12:18:51 -0500
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=3334; t=1576775774; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=qIdXFYC furhb8+P3fFX8nLKFR42TinqKf00rrKr8fx4=; b=mO8qPrFmdt4Yrgt9YfGUMdI Am3QzHs7I2D4SzedFOdDJa/7Ob5wBJkivWQR1q4+HNFy8+/312CsooaDgl9o3EQN /fR6ciC0zYmKhTGaz8jtlS+7+W1IXY4P2XNpD6ygy6SF+ibsTxI/i7d6CNUOZL0f tunCn/UGmJDgxzC7EE1g=
Received: by beta.winserver.com (Wildcat! SMTP Router v8.0.454.9) for ietf@ietf.org; Thu, 19 Dec 2019 12:16:14 -0500
Received: from [192.168.1.68] ([75.26.216.248]) by beta.winserver.com (Wildcat! SMTP v8.0.454.9) with ESMTP id 950954531.1.4884; Thu, 19 Dec 2019 12:16:13 -0500
Message-ID: <5DFBB0FD.2010902@isdg.net>
Date: Thu, 19 Dec 2019 12:18:53 -0500
From: Hector Santos <hsantos@isdg.net>
Reply-To: hsantos@isdg.net
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.8.1
MIME-Version: 1.0
To: ietf@ietf.org
Subject: Re: IETF Policy on dogfood consumption or avoidance - SMTP version
References: <8EE11B75E1F8A7E7105A1573@PSB> <m2a77ttff6.wl-randy@psg.com> <CABL0ig4Wz-0dk7bsRpaN6pni2rHEc-jPnygwed_Hygy+CiehQA@mail.gmail.com> <16306b3a-63bd-621e-636c-dd7626f74733@foobar.org> <4D7EEBF62E149D1F23BA6A32@PSB> <58595081-6F4F-45E2-9798-B691AC919D28@cisco.com> <15D46124EFC1486F3613EF01@PSB> <0D67643B-00ED-482A-BCE0-1CF5A513C61F@cisco.com> <1fdc9df2-b66b-26cc-0e83-e973d30b8ec0@tana.it> <E0C999A5-18A9-4164-814E-3B85034028D2@cisco.com>
In-Reply-To: <E0C999A5-18A9-4164-814E-3B85034028D2@cisco.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/Ikq09JCYLJnJEoCk02dm1n2EJTw>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Dec 2019 17:19:00 -0000

On 12/19/2019 5:07 AM, Eliot Lear wrote:
>>
>> That's hardly acceptable.
>
> Alessandro, I respect your opinion,  but *we* don’t get to decide that
> for others. The person who gets to decide whether a PTR is required is
> the MTA administrator and nobody else.  I take the point about market
> concentration, but that has to be balanced against other operational
> considerations, and it will likely lose every time.
>
> Eliot


Hi Eliot,

I think we need to take a step back and recognize the developer vs 
administrative conflicts and the contention this particular ip-literal 
issue is highlighting.

For nearly four decades, we asked implementators to follow IETF 
guidelines and we did. Code is burned in and for SMTP, the ip literals 
is an acceptable base component of the protocol.  It is part of the 
base SMTP engine and state machines, so even if all the guidelines are 
followed 100%, what has occurred here, breaks the protocol, change 
code.

The impact may be small, but nonetheless, there are violations of the 
specs on both side.

So who takes responsibility, what are we asking of implementators?

Technically, the mail.ietf.org is RFC2821 correct in one respect.  If 
the Client has any public FQDN for the machine, then per spec it MUST 
use one. Per spec, IFF there are no public FQDN, then it MUST use a 
squared bracket IP-literal.

Thats that rule and I will 100% accept it because I can't argue it if 
it was the reason for the mail.ietf.org rejection.  My MTA did not use 
an FQDN when in fact there is one.

But the SMTP specs also say, it MUST NOT reject on this basis and I 
was part of the WG encouraging text that we now find in section 7.9 
because we had new situations where a "MUST NOT reject" rule was not 
appropriate for 100% detectable MTA problems using deterministic 
protocols.  We had greylisting, SPF, CBV and DKIM/ADSP coming and we 
needed to arm administrators with some new negative reply codes to 
explain and justify rejections.  Please note that none of the new SMTP 
add-on technology broke SMTP or changed it. It enhanced it. It was 
backward compatible.

However, mail.ietf.org rejection on a perfectly defined per spec item 
was not done because a valid FQDN was found to be available, hence 
reject on that basis. No, it simply flat out rejected ip literal usage 
all together despite correction.  The odd thing of forcing FQDN is not 
validating it.

In other word,  the mail.ietf.org implementation is promoting 
obsolescence and implementers who may use this server as a test site 
and example of the "standards" to resolve ambiguous design issues, it 
could begin to change things and I am not sure this is a desirable 
situation. Or is it?

I don't think we are at evolutionary SMTP stage yet were eliminating 
the IP-literal would be desirable.

 From a DNS standpoint, we advocate no PTR records, but from a Mail 
Admin AVS standpoint we do.  But even SPF as deprecated the use of PTR 
directives.

I ask for sound engineering consistency.  That is all I even ask in 
all my time participating the WG as an implementator. I don't say much 
until I have too because now it steps on my toes.

Do I have to change my SMTP code to avoid using ip literals? Do I even 
give operators the opportunity to set it up this way?

Thanks

-- 
HLS

v2.23.0 | Report a Bug | By Email