Re: Comments on draft-freed-sieve-environment-04

Kjetil Torgrim Homme <kjetilho@ifi.uio.no> Wed, 26 March 2008 23:43 UTC


On Tue, 2008-03-25 at 09:52 -0700, Ned Freed wrote:
> > On Sun, 2008-03-23 at 10:50 -0700, Ned Freed wrote:
> > > Also a good point. I have added:
> > >
> > >   The remote-host environment item defined in this specification is usually
> > >   determined by performing a PTR DNS lookup on the client IP address. This
> > >   information may come from an untrusted source. For example, the test:
[...]
> > sorry, I don't understand what this means.  is the existence of a PTR
> > record sufficient?
> 
> Who knows? The mechanism used to obtain the remote-host isn't (and should not
> be) specified. As such, a PTR could be sufficient. Or it may not be - some
> systems do a backwards-forwards check. And there can even be cases when a PTR
> record isn't needed - DNS names aren't the only game in town, you know.

ok.  I think it could be made a little clearer, though.  how about:

        How to determine the remote-host environment item defined in
        this specification is left up to the implementation, e.g., if TLS
        is in use, the remote system's name can be extracted from the
        client certificate if the signer is trusted.  Probably more
        commonly it will be determined by performing a PTR DNS lookup on
        the client IP address.  This information may come from an
        untrusted source.  For example, the test:

another alternative, with no specific details about alternatives:

        An implementation can use any technique to determine the
        remote-host environment item defined in this specification, and
        the trustworthiness of the result will vary.  One common method
        will be to perform a PTR DNS lookup on the client IP address.
        This information may come from an untrusted source.  For
        example, the test:

what do you think?
-- 
Kjetil T.
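
The "backwards-forwards check" mentioned in the quoted reply, as an added example that is not part of the original message or the draft: a PTR name is treated as confirmed only if a forward lookup of that name returns the client IP. The function names, the injectable resolver parameters and the zone data are assumptions constructed for illustration.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR lookup through the system resolver; returns a list of names."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [name, *aliases]

def system_forward(name):
    """A/AAAA lookup through the system resolver; returns address strings."""
    try:
        infos = socket.getaddrinfo(name, None)
    except OSError:
        return []
    return [info[4][0] for info in infos]

def remote_host(client_ip, ptr=system_ptr, forward=system_forward):
    """Return (name, confirmed) for a client IP.

    name is the first PTR name whose forward lookup includes client_ip.
    If none confirms, the first PTR name is returned with confirmed=False
    so the caller can decide whether to expose it to scripts at all.
    """
    ip = ipaddress.ip_address(client_ip)
    names = [n.rstrip(".").lower() for n in ptr(client_ip)]
    for name in names:
        for addr in forward(name):
            try:
                # Strip any IPv6 zone id before comparing addresses.
                if ipaddress.ip_address(addr.split("%")[0]) == ip:
                    return name, True
            except ValueError:
                continue
    return (names[0] if names else None), False

# Constructed zone data (documentation address ranges, example domains).
PTR = {"192.0.2.10": ["mx.example.org."],
       "198.51.100.7": ["mail.example.com."]}  # PTR is set by the IP's owner
FWD = {"mx.example.org": ["192.0.2.10", "2001:db8::10"],
       "mail.example.com": ["203.0.113.25"]}   # the named host lives elsewhere

def demo(ip):
    """Run the check against the constructed data instead of live DNS."""
    return remote_host(ip, ptr=lambda a: PTR.get(a, []),
                       forward=lambda n: FWD.get(n, []))
```

A PTR-only implementation would report `mail.example.com` for 198.51.100.7; the forward step shows that the owner of that name does not vouch for the address.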