IETF Logo Mail Archive

Re: Last Call: draft-ietf-opes-smtp-security (Integrity, privacy and security in OPES for SMTP) to Informational RFC

Frank Ellermann <nobody@xyzzy.claranet.de> Mon, 08 January 2007 20:14 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1H40t9-0004K5-DS; Mon, 08 Jan 2007 15:14:35 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1H40t8-0004K0-LO for ietf@ietf.org; Mon, 08 Jan 2007 15:14:34 -0500
Received: from main.gmane.org ([80.91.229.2] helo=ciao.gmane.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1H40t7-0001VG-73 for ietf@ietf.org; Mon, 08 Jan 2007 15:14:34 -0500
Received: from list by ciao.gmane.org with local (Exim 4.43) id 1H40t1-0004Ye-OP for ietf@ietf.org; Mon, 08 Jan 2007 21:14:27 +0100
Received: from 212.82.251.141 ([212.82.251.141]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <ietf@ietf.org>; Mon, 08 Jan 2007 21:14:27 +0100
Received: from nobody by 212.82.251.141 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <ietf@ietf.org>; Mon, 08 Jan 2007 21:14:27 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: ietf@ietf.org
From: Frank Ellermann <nobody@xyzzy.claranet.de>
Date: Mon, 08 Jan 2007 21:10:29 +0100
Organization: <URL:http://purl.net/xyzzy>
Lines: 58
Message-ID: <45A2A535.7BF8@xyzzy.claranet.de>
References: <E1H1ksJ-0003tf-E1@stiedprstage1.ietf.org> <45A009C2.7145@xyzzy.claranet.de> <45A0AD88.9000500@cisco.com> <p06240601c1c842ca69cc@[129.46.225.123]>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@sea.gmane.org
X-Gmane-NNTP-Posting-Host: 212.82.251.141
X-Mailer: Mozilla 3.0 (OS/2; U)
X-Spam-Score: 1.6 (+)
X-Scan-Signature: 0a7aa2e6e558383d84476dc338324fab
Subject: Re: Last Call: draft-ietf-opes-smtp-security (Integrity, privacy and security in OPES for SMTP) to Informational RFC
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Errors-To: ietf-bounces@ietf.org

Ted Hardie wrote:

> I don't think adding explicit interactions with DKIM is appropriate
> for this document,

If OPES sees the complete message (header + body) it could be used as
signer (conceptually somewhere between MSA and mailout) or verifier
(between MX and MDA, if it has DNS access).  That's no problem.

It would be bad if OPES removes or quarantines critical MIME parts
needed for a verifier behind OPES.  Or if it manipulates parts of the
header required for DKIM.  Probably an obvious "don't do that", but
it's less obvious if something behind OPES (e.g. the MDA) decides to
forward or resend the message to a 3rd party.  DKIM is designed to
survive 1123 5.3.6(a) scenarios.

For some purposes OPES has to be as near to the border MX as possible,
ideally allowing to reject the mail before it's accepted.  For other
purposes it has to be as near to the MDA as possible, after it's clear
that the mail is not forwarded to a 3rd party.  That's a conflict.

>> If a mail message was rejected or could not be delivered (and a NDR
>> was sent), the originator of the message may want to bypass the OPES
>> system that blocked the message.

I interpreted that paragraph as "reject (or if that's too late bounce)"
with instructions to the originator how to bypasss OPES.  And that's
in essence the same as C/R.

> I have no comment on whether this is "net abuse"

A bounce to an unverified (no SPF PASS or similar) Return-Path most
probably hits innocent bystanders.  That's unsolicited bulk e-mail,
the "bulk" part being that it's from a bot, not from a human sender,
and some inluding me consider UBE as spam, i.e. net abuse.

> you could easily see the mailman spam quarantine system under this
> model.

Mailman is behind all spam protection systems, DNSBLs, SPF, SA, OPES,
SIEVE, and what else.  It has a decent chance that most crap including
bogus Return-Paths is already filtered before it sends any inquiries
to the envelope sender (as specified in RFC 3834).  But OPES isn't
behind the filters, it is (a part of) the filters.

> Can Frank clarify?

See above, I wasn't talking about "bypass" actions triggered by the
recipient (maybe talking to the sender how to do this), but about any
"bypass" proposal in NDRs to forged envelope senders.

I never got the OPES idea.  Of course folks can do their A/V and
SIEVE and SIQ (I-D.irtf-asrg-iar-howe-siq-03) businesss on a separate
box, they can even outsource it, but they do this already without OPES.
So what's the technical point of OPES wrt mail ?

Frank



_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email