Re: Last Call: SMTP Message Submission to Proposed Standard
Lyndon Nerenberg <lyndon@esys.ca> Mon, 11 May 1998 21:30 UTC
Delivery-Date: Mon, 11 May 1998 17:41:23 -0400
Return-Path: cclark
Received: (from adm@localhost) by ietf.org (8.8.5/8.8.7a) id RAA27555 for ietf-outbound.10@ietf.org; Mon, 11 May 1998 17:30:02 -0400 (EDT)
Received: from rembrandt.esys.ca (rembrandt.esys.ca [198.161.92.18]) by ietf.org (8.8.5/8.8.7a) with ESMTP id RAA27477 for <ietf@ietf.org>; Mon, 11 May 1998 17:23:50 -0400 (EDT)
Received: from lautrec.esys.ca (lautrec.esys.ca [198.161.92.11]) by rembrandt.esys.ca (2.0.2/8.8.8) with SMTP id PAA25795; Mon, 11 May 1998 15:20:55 -0600
Date: Mon, 11 May 1998 15:20:54 -0600
From: Lyndon Nerenberg <lyndon@esys.ca>
To: Dave Crocker <dcrocker@brandenburg.com>
cc: perry@piermont.com, Jack De Winter <jack@wildbear.on.ca>, ietf-submit@IMC.ORG, ietf@ietf.org
Subject: Re: Last Call: SMTP Message Submission to Proposed Standard
In-Reply-To: <199805111935.MAA10351@baygate.bayarea.net>
Message-ID: <Pine.SGI.3.96.980511151211.18208A-100000@lautrec.esys.ca>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
> It's now time to create a distinct posting service and to create it as > simply as possible. Instantiating SMTP on a separate port and with some > very explicit statements about the strictures at the server, distinguishing > relay processing from submission processing, is the easiest way for us to > accomplish this. The problem with SUBMIT (according to the latest draft I reviewed) is that AUTH is optional. Unless SUBMIT *requires* authenticated message injection it isn't going to do anything to solve the spam problem. In fact, it makes it worse: SUBMIT servers, by definition, *must* support relay. I still contend that the existing SMTP, coupled with AUTH, and including the SUBMIT header processing extensions described in the draft, will work just fine one the existing port. In the course of identifying yourself to the SMTP server (via AUTH), the SMTP server is able to determine (through those authentication credentials) whether the authenticated entity is entitled to "submit" messages. (E.g., if the "submit" bit is lit up in the credentials for the authentication entity, the server allows relaying and enables the SUBMIT header processing functionality.) As a bonus side effect, it ensures the rapid deployment of SMTP AUTH. --lyndon
- Re: Last Call: SMTP Message Submission to Propose… Dave Crocker
- Re: Last Call: SMTP Message Submission to Propose… Lyndon Nerenberg
- Re: Last Call: SMTP Message Submission to Propose… Dave Crocker
- Re: Last Call: SMTP Message Submission to Propose… Perry E. Metzger
- Re: Last Call: SMTP Message Submission to Propose… Dave Crocker
- Re: Last Call: SMTP Message Submission to Propose… Perry E. Metzger
- Re: Last Call: SMTP Message Submission to Propose… Dave Crocker
- Re: Last Call: SMTP Message Submission to Propose… Jack De Winter