Re: Last Call: <draft-ietf-marf-spf-reporting-08.txt> (SPF Authentication Failure Reporting using the Abuse Report Format) to Proposed Standard
Hector <sant9442@gmail.com> Sat, 03 March 2012 05:54 UTC
Return-Path: <sant9442@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B50EB21F853B for <ietf@ietfa.amsl.com>; Fri, 2 Mar 2012 21:54:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.25
X-Spam-Level:
X-Spam-Status: No, score=-3.25 tagged_above=-999 required=5 tests=[AWL=0.349, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XPt+Me6KaqaH for <ietf@ietfa.amsl.com>; Fri, 2 Mar 2012 21:54:03 -0800 (PST)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id EA09D21F853A for <ietf@ietf.org>; Fri, 2 Mar 2012 21:54:02 -0800 (PST)
Received: by ghbg16 with SMTP id g16so1248853ghb.31 for <ietf@ietf.org>; Fri, 02 Mar 2012 21:54:02 -0800 (PST)
Received-SPF: pass (google.com: domain of sant9442@gmail.com designates 10.236.72.195 as permitted sender) client-ip=10.236.72.195;
Authentication-Results: mr.google.com; spf=pass (google.com: domain of sant9442@gmail.com designates 10.236.72.195 as permitted sender) smtp.mail=sant9442@gmail.com; dkim=pass header.i=sant9442@gmail.com
Received: from mr.google.com ([10.236.72.195]) by 10.236.72.195 with SMTP id t43mr17228128yhd.126.1330754042589 (num_hops = 1); Fri, 02 Mar 2012 21:54:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=MCQYXjrG58k/ltcLz1N+ahID6HhwnLmDh0+viXDhHgA=; b=hmWzwQw1Nj1DcsgL+3apn84ABsG5KFrpK/L0y/BS+HBEeEFVbsb0r/fWj5WkeCf/9d CtI/ksSeEpPLXuNDVLcrwKsWoiHHg6RzSNs4+IrLbYkU94naVtPFlJctVypTwb/GjsgR KqLLPv7uicFDNHfPh8iYDrdERoLPCk08ETPr+nc8HKCWrwK/8y3+OX/ZFpBgW/mJOhek K/Jkz2NMWxmMB2s04eW7/2Nl5F0InRWHcG87mqDudWzGs+1NxfRYMnr+NxjAH0njhdW5 dkrjuUAEih4+H3cpFEHABn65ziw0Et/r2GFUWGL2wHOueejJWF3wGBC7nn3zkpQ912WQ W4dw==
Received: by 10.236.72.195 with SMTP id t43mr13655679yhd.126.1330754042531; Fri, 02 Mar 2012 21:54:02 -0800 (PST)
Received: from adsl-215-50-126.mia.bellsouth.net (99-3-147-93.lightspeed.miamfl.sbcglobal.net. [99.3.147.93]) by mx.google.com with ESMTPS id b73sm19970393yhj.22.2012.03.02.21.54.00 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 02 Mar 2012 21:54:01 -0800 (PST)
Message-ID: <4F51B1F3.3020404@gmail.com>
Date: Sat, 03 Mar 2012 00:53:55 -0500
From: Hector <sant9442@gmail.com>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: "ietf@ietf.org" <ietf@ietf.org>
Subject: Re: Last Call: <draft-ietf-marf-spf-reporting-08.txt> (SPF Authentication Failure Reporting using the Abuse Report Format) to Proposed Standard
References: <20120301004643.17274.83943.idtracker@ietfa.amsl.com> <6.2.5.6.2.20120229181328.0a95a9f8@resistor.net> <9452079D1A51524AA5749AD23E00392806F917@exch-mbx901.corp.cloudmark.com> <18744934.WPNuXzvee6@scott-latitude-e6320> <9452079D1A51524AA5749AD23E003928073049@exch-mbx901.corp.cloudmark.com>
In-Reply-To: <9452079D1A51524AA5749AD23E003928073049@exch-mbx901.corp.cloudmark.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Mar 2012 05:54:03 -0000
Murray S. Kucherawy wrote: > I suggest: > > OLD: > In addition to the advice in security considerations of > [I-D.IETF-MARF-AS] the additional consderations apply to [SPF] auth > failure reports. If the MAIL FROM command is not the NULL return > address, i.e., "MAIL FROM:<>", then the selected MAIL FROM address > MUST pass [SPF] MAIL FROM checks on receipt. The HELO/EHLO command > SHOULD also be selected so that it will pass [SPF] HELO checks. > > NEW: > In addition to the advice in the Security Considerations section of > [I-D.IETF-MARF-AS], these additional considerations apply to > generation of [SPF] authentication failure reports: > > o If the return address to be used will not be the NULL return > address, i.e., "MAIL FROM:<>", then the selected return address > MUST be selected such that it will pass [SPF] MAIL FROM checks > upon initial receipt. > > o If the report is passed to the Mail Submission Agent (MSA) > using [SMTP], the HELO/EHLO command parameter SHOULD also be > selected so that it will pass [SPF] HELO checks. > > If needed, MSA is defined in RFC5598, so maybe this is another argument > for adding it as an informative reference and changing to use ADMD as > discussed in the other thread. If applicable, I would like to provide the following implementation note: MSA - what kind? The PORT 587 kind or a Port 25 kind with a user using ESMTP AUTH? Why? Since use RFC6409 (formerly 4409) has a PORT 587 and ESMTP AUTH requirement which the public SMTP port does not, it was as a indicator and method to skip the strong EHLO checking requirement. In practice this became necessary with the growth of the SOHO and home use NAT market with now Mommy and Daddy had their PCs on the home network and the MUA they used exposed the private side IP literal and the Connection IP was that of the NAT. It was a problem for the SUBMISSION protocol with strong EHLO checking requirements. The solution was to get the MUA (in this case Thunderbird) to offer flexibility in its MTA setting for the EHLO command and in the mean time, relaxed a port 587 connection to delay or skip any initial EHLO checking until the required ESMTP AUTH was completed. With a public port SMTP session, the ESMTP AUTH (MSA like behavior) is not required so any EHLO checking can apply when first presented. Thanks -- HLS
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… SM
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Barry Leiba
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Scott Kitterman
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… SM
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Scott Kitterman
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… SM
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Dave Crocker
- RE: Last Call: <draft-ietf-marf-spf-reporting-08.… Murray S. Kucherawy
- RE: Last Call: <draft-ietf-marf-spf-reporting-08.… Murray S. Kucherawy
- RE: Last Call: <draft-ietf-marf-spf-reporting-08.… Murray S. Kucherawy
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Barry Leiba
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Scott Kitterman
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Barry Leiba
- Re: [marf] Last Call: <draft-ietf-marf-spf-report… SM
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Scott Kitterman
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Scott Kitterman
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Scott Kitterman
- RE: Last Call: <draft-ietf-marf-spf-reporting-08.… Murray S. Kucherawy
- RE: Last Call: <draft-ietf-marf-spf-reporting-08.… Murray S. Kucherawy
- RE: Last Call: <draft-ietf-marf-spf-reporting-08.… Murray S. Kucherawy
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Scott Kitterman
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Scott Kitterman
- Re: Last Call: <draft-ietf-marf-spf-reporting-08.… Hector