[secdir] draft-ietf-appsawg-greylisting-06.txt SECDIR review
Donald Eastlake <d3e3e3@gmail.com> Sun, 15 April 2012 01:44 UTC
Return-Path: <d3e3e3@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF5F721F8693; Sat, 14 Apr 2012 18:44:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.181
X-Spam-Level:
X-Spam-Status: No, score=-104.181 tagged_above=-999 required=5 tests=[AWL=-0.582, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id shKVNV4tHvtB; Sat, 14 Apr 2012 18:44:13 -0700 (PDT)
Received: from mail-lpp01m010-f44.google.com (mail-lpp01m010-f44.google.com [209.85.215.44]) by ietfa.amsl.com (Postfix) with ESMTP id A0CBA21F8692; Sat, 14 Apr 2012 18:44:12 -0700 (PDT)
Received: by lagj5 with SMTP id j5so3419719lag.31 for <multiple recipients>; Sat, 14 Apr 2012 18:44:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to:content-type :content-transfer-encoding; bh=KwbE8SBvaWGp6MJdMA0aom+4ZD1rLeCEPCKr59s8hCY=; b=XX5HKjsvEp/rRX+XtFyYG6P916xtdWB23+WjezxI/g9vd/5opZ4qypHK2Lr3rz7h2Z P7l4v5YEnx800PCfTqHCRog8Kk4q3fPTrcKHMGBz7Zbngn9QDJ4n+wcu4mYnyE4pcKho OiN6P31nEBx2tJUo5/VHy2rtjB6BQNbbRItewZJRipEqaTpnOm8iF6UFnV78/TQTIDa9 6TJrH++IxWQHhw8WYyI7iiPtWDBm9ZxxQZHq8Mfog5GqYvVR/GS1ZmEbl2T1R4QXukJb bV3HlLgE8m4Gxysddz5deXqlwYUS2hA+ShqMV0Rfi8x2p8pSDXsexcLR2Z24RhttIaa5 GKEA==
Received: by 10.152.113.229 with SMTP id jb5mr5933930lab.45.1334454251431; Sat, 14 Apr 2012 18:44:11 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.152.21.162 with HTTP; Sat, 14 Apr 2012 18:43:51 -0700 (PDT)
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Sat, 14 Apr 2012 21:43:51 -0400
Message-ID: <CAF4+nEFkDiy8c++ECGuQ4UECVPwFCHR3qkdkL6pR3TmV27NeRw@mail.gmail.com>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-appsawg-greylisting.all@tools.ietf.org
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Subject: [secdir] draft-ietf-appsawg-greylisting-06.txt SECDIR review
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Apr 2012 01:44:13 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. Document editors and WG chairs should treat these comments just like any other last call comments. This document discusses grey listing, the returning of temporary failure codes in some SMTP exchanges with mail sources not known to be good guys, to ameliorate spam. The technique is very much heuristic so security consideration are, reasonably, fairly soft rather than the precise, hard edged formulations of cryptographic security. The discussion of variations in grey listing, typical spammer behavior, and potential spammer countermeasures all seem quite reasonable and complete. I do not think any additional security considerations are required. EDITORIAL In one place the draft says "when delivery of mail is timely." when I think it means "when delivery of mail is time critical." or "when delivery of mail must be timely.". Thanks, Donald ============================= Donald E. Eastlake 3rd +1-508-333-2270 (cell) 155 Beaver Street, Milford, MA 01757 USA d3e3e3@gmail.com
- [secdir] draft-ietf-appsawg-greylisting-06.txt SE… Donald Eastlake
- Re: [secdir] draft-ietf-appsawg-greylisting-06.tx… Murray S. Kucherawy