Re: [Jmap] Submission
"Chris Newman" <chris.newman@oracle.com> Sat, 22 April 2017 01:48 UTC
Return-Path: <chris.newman@oracle.com>
X-Original-To: jmap@ietfa.amsl.com
Delivered-To: jmap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA484129A9C for <jmap@ietfa.amsl.com>; Fri, 21 Apr 2017 18:48:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.002
X-Spam-Level:
X-Spam-Status: No, score=-7.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-2.8, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MGYtU0P3owFT for <jmap@ietfa.amsl.com>; Fri, 21 Apr 2017 18:48:16 -0700 (PDT)
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C12981296C6 for <jmap@ietf.org>; Fri, 21 Apr 2017 18:48:16 -0700 (PDT)
Received: from userv0021.oracle.com (userv0021.oracle.com [156.151.31.71]) by aserp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id v3M1mBdi025197 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 22 Apr 2017 01:48:12 GMT
Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by userv0021.oracle.com (8.14.4/8.14.4) with ESMTP id v3M1mB0S009545 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 22 Apr 2017 01:48:11 GMT
Received: from abhmp0018.oracle.com (abhmp0018.oracle.com [141.146.116.24]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id v3M1mAVM002988; Sat, 22 Apr 2017 01:48:10 GMT
Received: from [192.168.15.59] (/66.214.236.56) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 21 Apr 2017 18:48:10 -0700
From: Chris Newman <chris.newman@oracle.com>
To: Arnt Gulbrandsen <arnt@gulbrandsen.priv.no>
Cc: jmap@ietf.org
Date: Fri, 21 Apr 2017 18:48:09 -0700
Message-ID: <77D58FD6-0D09-424E-8EEF-5C6738BAD6A4@oracle.com>
In-Reply-To: <4471fa93-2321-4a7e-87b0-fbb00927d584@gulbrandsen.priv.no>
References: <20170419163429.8556.qmail@ary.lan> <87d1c873cf.fsf@fifthhorseman.net> <alpine.OSX.2.20.1704191353500.43511@ary.qy> <01QDEV2QM6XC00005O@mauve.mrochek.com> <BC098A22-2837-4316-822A-27232A896EF1@fugue.com> <4471fa93-2321-4a7e-87b0-fbb00927d584@gulbrandsen.priv.no>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.6r5347)
X-Source-IP: userv0021.oracle.com [156.151.31.71]
Archived-At: <https://mailarchive.ietf.org/arch/msg/jmap/IMfWKnJPXzlKV3IvTVTG0-Z1Sww>
Subject: Re: [Jmap] Submission
X-BeenThere: jmap@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: JSON Message Access Protocol <jmap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jmap>, <mailto:jmap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jmap/>
List-Post: <mailto:jmap@ietf.org>
List-Help: <mailto:jmap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jmap>, <mailto:jmap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 22 Apr 2017 01:48:17 -0000
On 21 Apr 2017, at 7:34, Arnt Gulbrandsen wrote: > Ted Lemon writes: >> I think the distinction comes from whether you actually think that >> the SMTP submission protocol is always going to be what's behind a >> message submitted via JMAP. If you think that, then it's going to >> look really weird to not just replicate that exact paradigm with the >> JMAP submission process. > > Hm? > > Won't the nexthop generally be the thing that the port-587 server > forwards to? After all, JMAP already handles authentication, and it's > not clear to me that a typical JMAP server is easily able to > authenticate on behalf of the end user in a way that a port-587 server > accepts. There are lots of standard ways for a proxy to authenticate on behalf of another user to another server. SASL PLAIN over TLS is the most obvious, but a TLS client certificate plus SASL EXTERNAL also works. The OAuth SASL mechanism could also be useful if it was designed correctly (sorry, I haven't reviewed it in detail with respect to that use case). My product's existing JMAP-like proxy is a JSON/HTTP to submission/IMAP proxy. One of the design errors that was made (back in the 1990s) was to not support submission extensions. This is one of the largest remaining design errors in our proxy and has caused significant problems. I do not want the JMAP standard to repeat the mistake we made. > Assuming that JMAP forwards to the filter or smarthost, then requiring > that JMAP servers be able to forward SMTP extensions looks really odd. > A submission server on port 587 cannot forward SMTP extensions from > its nexthop, why should one on port 443 have to? Submission servers do forward hop-to-hop extensions to the next hop. It's how they have to work. SMTP extensions like DELIVERBY, RRVS, SMTPUTF8, MTRK require hop-to-hop forwarding of SMTP parameters. > The usual answer is "so as to not need a corresponding JMAP RFC > whenever there's a new SMTP RFC". That strikes me as poor. A new > extension requires an RFC and three kinds of implementations (SMTP > client, submission server, filter server). The RFC publication bit > isn't usually the bottleneck among those four. We're going to need submission servers until all useful software is updated to use JMAP submission. I'd guess that at many sites that will never happen. So if we must have SMTP submission, then it's desirable to keep JMAP submission as close in semantics to SMTP submission as possible in order to minimize the attack surface and code complexity of the system. Yes, there are some specific tradeoffs where there might be a good reason to deviate from full submission semantics; for example, I'm unsure per-recipient status is useful to most clients so an option where any failed recipient results in failed submission would make sense to me in JMAP. And, of course, JMAP submission should be one round-trip and may have helpful side-effects like moving a message from the \Drafts folder to \Sent folder on success. >> The point is that whichever choice we make, we are going to pay a >> price for it. It's worth asking what that price is, and also asking >> what the advantages are to the choices we have, and then deciding on >> that basis. The fact that we would pay a price for not replicating >> SMTP submission can definitely be taken as a given. > > +1 > > Arnt - Chris
- Re: [Jmap] Submission Alexey Melnikov
- Re: [Jmap] Submission Adrien de Croy
- Re: [Jmap] Submission Neil Jenkins
- [Jmap] Submission Adrien de Croy
- Re: [Jmap] Submission Arnt Gulbrandsen
- Re: [Jmap] Submission Arnt Gulbrandsen
- Re: [Jmap] Submission Arnt Gulbrandsen
- Re: [Jmap] Submission Alexey Melnikov
- Re: [Jmap] Submission Ricardo Signes
- Re: [Jmap] Submission Daniel Kahn Gillmor
- Re: [Jmap] Submission John Levine
- Re: [Jmap] Submission John R Levine
- Re: [Jmap] Submission John R Levine
- Re: [Jmap] Submission Daniel Kahn Gillmor
- Re: [Jmap] Submission Ted Lemon
- Re: [Jmap] Submission Ted Lemon
- Re: [Jmap] Submission Alexey Melnikov
- Re: [Jmap] Submission Chris Newman
- Re: [Jmap] Submission Ted Lemon
- Re: [Jmap] Submission Chris Newman
- Re: [Jmap] Submission Ted Lemon
- Re: [Jmap] Submission Chris Newman
- Re: [Jmap] Submission Chris Newman
- Re: [Jmap] Submission Brandon Long
- Re: [Jmap] Submission Brandon Long
- Re: [Jmap] Submission John Levine
- Re: [Jmap] Submission Ted Lemon
- Re: [Jmap] Submission Adrien de Croy
- Re: [Jmap] Submission Ted Lemon
- Re: [Jmap] Submission Chris Newman
- Re: [Jmap] Submission Adrien de Croy
- Re: [Jmap] Submission John Levine
- Re: [Jmap] Submission John Levine
- Re: [Jmap] Submission Adrien de Croy
- Re: [Jmap] Submission Adrien de Croy
- Re: [Jmap] Submission Ned Freed
- Re: [Jmap] Submission Ted Lemon
- Re: [Jmap] Submission John Levine
- Re: [Jmap] Submission John Levine
- Re: [Jmap] Submission is not hard Ned Freed
- Re: [Jmap] Submission Ted Lemon
- Re: [Jmap] Address Validation (was Re: Submission) John Levine
- Re: [Jmap] Submission Adrien de Croy
- Re: [Jmap] Address Validation (was Re: Submission) Bron Gondwana
- Re: [Jmap] Submission Ned Freed
- Re: [Jmap] Submission Adrien de Croy
- Re: [Jmap] Submission Ned Freed
- Re: [Jmap] Submission is not hard John Levine
- Re: [Jmap] Submission Ned Freed
- Re: [Jmap] Submission Ted Lemon
- Re: [Jmap] Submission Arnt Gulbrandsen
- Re: [Jmap] Submission John R Levine
- Re: [Jmap] Submission Adrien de Croy
- Re: [Jmap] Submission John Levine
- Re: [Jmap] Submission is not hard Adrien de Croy
- Re: [Jmap] Submission Adrien de Croy
- Re: [Jmap] Submission is not hard John R Levine
- Re: [Jmap] Submission John R Levine
- Re: [Jmap] Submission is not hard Adrien de Croy
- Re: [Jmap] Submission is not hard John R Levine
- Re: [Jmap] Submission is not hard Adrien de Croy
- Re: [Jmap] Submission Adrien de Croy
- Re: [Jmap] Message Tracking and JMAP extensibilit… Chris Newman
- Re: [Jmap] Submission Chris Newman
- Re: [Jmap] Message Tracking and JMAP extensibilit… Adrien de Croy
- Re: [Jmap] Submission Adrien de Croy
- [Jmap] Message Tracking and JMAP extensibility (w… Chris Newman
- Re: [Jmap] Submission Ted Lemon
- Re: [Jmap] Submission Chris Newman
- Re: [Jmap] Address Validation (was Re: Submission) Adrien de Croy
- [Jmap] Address Validation (was Re: Submission) Chris Newman
- Re: [Jmap] Submission Ted Lemon
- Re: [Jmap] Submission Adrien de Croy
- Re: [Jmap] Submission Ned Freed
- Re: [Jmap] Address Validation (was Re: Submission) Adrien de Croy
- Re: [Jmap] Address Validation (was Re: Submission) Bron Gondwana
- Re: [Jmap] Submission Adrien de Croy
- Re: [Jmap] Submission Ned Freed
- Re: [Jmap] Submission Ted Lemon
- Re: [Jmap] Submission Ned Freed
- Re: [Jmap] Submission Jeremy Harris
- Re: [Jmap] Address Validation (was Re: Submission) Arnt Gulbrandsen
- Re: [Jmap] Address Validation (was Re: Submission) John R Levine
- Re: [Jmap] Address Validation (was Re: Submission) Arnt Gulbrandsen
- Re: [Jmap] Address Validation (was Re: Submission) John Levine
- Re: [Jmap] Address Validation (was Re: Submission) Cyrus Daboo
- Re: [Jmap] Address Validation (was Re: Submission) John Levine
- Re: [Jmap] Address Validation (was Re: Submission) Arnt Gulbrandsen
- Re: [Jmap] Address Validation (was Re: Submission) Ted Lemon
- Re: [Jmap] Address Validation (was Re: Submission) Adrien de Croy
- Re: [Jmap] Address Validation (was Re: Submission) Bron Gondwana
- Re: [Jmap] Address Validation (was Re: Submission) Paul Smith
- Re: [Jmap] Address Validation (was Re: Submission) Adrien de Croy
- Re: [Jmap] Address Validation (was Re: Submission) Paul Smith
- Re: [Jmap] Address Validation (was Re: Submission) Paul Smith
- Re: [Jmap] Submission Mads Hjorth
- Re: [Jmap] Address Validation (was Re: Submission) Cyrus Daboo
- Re: [Jmap] Address Validation (was Re: Submission) Ted Lemon
- Re: [Jmap] Submission John R Levine
- Re: [Jmap] Address Validation (was Re: Submission) Adrien de Croy
- Re: [Jmap] Address Validation (was Re: Submission) Paul Smith
- Re: [Jmap] Address Validation (was Re: Submission) Paul Smith
- Re: [Jmap] Address Validation (was Re: Submission) Adrien de Croy
- Re: [Jmap] Address Validation (was Re: Submission) Cyrus Daboo
- Re: [Jmap] Address Validation (was Re: Submission) Paul Smith
- Re: [Jmap] Address Validation (was Re: Submission) Alexey Melnikov
- Re: [Jmap] Address Validation (was Re: Submission) Paul Smith
- Re: [Jmap] Address Validation (was Re: Submission) Brandon Long
- Re: [Jmap] Address Validation (was Re: Submission) Chris Newman