Re: header-munging
"D. J. Bernstein" <djb@koobera.math.uic.edu> Wed, 07 August 1996 02:54 UTC
Received: from ietf.org by ietf.org id aa29497; 6 Aug 96 22:54 EDT
Received: from cnri by ietf.org id aa29483; 6 Aug 96 22:54 EDT
Received: from list.cren.net by CNRI.Reston.VA.US id aa19556; 6 Aug 96 22:54 EDT
Received: from localhost (localhost [127.0.0.1]) by list.cren.net (8.6.12/8.6.12) with SMTP id WAA16900; Tue, 6 Aug 1996 22:25:46 -0400
Received: from koobera.math.uic.edu (qmailr@KOOBERA.MATH.UIC.EDU [128.248.178.247]) by list.cren.net (8.6.12/8.6.12) with SMTP id WAA16885 for <ietf-smtp@list.cren.net>; Tue, 6 Aug 1996 22:25:24 -0400
Received: (qmail-queue invoked by uid 666); 7 Aug 1996 02:29:29 -0000
Message-Id: <19960807022929.362.qmail@koobera.math.uic.edu>
Date: Wed, 07 Aug 1996 02:29:29 -0000
X-Orig-Sender: owner-ietf-smtp@list.cren.net
Precedence: bulk
Sender: ietf-archive-request@ietf.org
From: "D. J. Bernstein" <djb@koobera.math.uic.edu>
To: ietf-smtp@list.cren.net
Subject: Re: header-munging
X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN
> So the SUBMIT extension takes real-world situations and makes them more > deterministic. Exactly what problem are you trying to solve? 1. A problem Here's the interoperability problem I'm worried about. naive client ---> fast server ---> rewriting server A naive client (e.g., Netscape) produces a message with several RFC 822 violations (e.g., ``Sender: joe'', missing Date, etc.) and sends it through SMTP, in violation of RFC 821, to a fast SMTP server that doesn't even look at the message (e.g., qmail), which passes it along to a server that, in violation of its fundamental responsibility as an MTA, tries to ``fix'' the header (e.g., sendmail). The result is often a corrupted message. For example, ``Sender: joe'' turns into ``Sender: joe@recipient.host''. Sometimes it's even worse: the message bounces. Unless the envelope sender is correct (which it rarely is), the bounce never comes back. I'm sure everybody agrees that this is a problem. The client is violating all the relevant standards. Hopefully it will be fixed. However, there's still a problem as long as there's still an installed base of naive clients. 2. A solution by out-of-band agreement Under the latest version of qmail, it's very easy to take all messages from certain clients (identified by IP address, for example) and send them through a fix-up program. Some hosts do this. Of course, most hosts have no interest whatsoever in acting as a relay. They set up qmail to reject messages addressed to outsiders. They certainly don't rewrite messages on behalf of anyone who asks. You have no business sending an invalid message to one of these hosts. 3. A better solution We could register a port for SMIP: the Simple Message Injection Protocol. Just like SMTP, but no restrictions on the envelope or body. Any format, any line lengths, any characters, anything the server can deal with. qmail can trivially be set up to run on the SMIP port. Some existing clients can be configured to use SMIP. For the rest, as I've explained, you can simply set up a proxy. The virtue of this solution is that the client is no longer violating RFC 821. It doesn't have to rely on an out-of-band agreement from the server to accept broken messages. Of course, any explicit protocol would have the same virtue. Two particular advantages of SMIP are (1) the ease of implementation and (2) the ease of setting policy. > If the client knows it can't produce proper Message-ID, and/or Date > headers, for example, and doesn't know if the server accepts the new > port or not. I still don't see what problem you're addressing. Let's try some specific cases. 1. The server is sendmail 8.6. It will accept broken messages on port 25. The sysadmin tells naive clients to use port 25. 2. The server is qmail 0.90. The sysadmin is willing to fix up messages upon request, subject to policy limitations. He runs a SMIP server and tells naive clients to use that. 3. The server is qmail 0.90. The sysadmin has no interest in relaying messages. He doesn't run a SMIP server. He rejects messages that aren't addressed to him. In which of these cases would it be a good idea for a client, let's say Netscape, to try more than one port? Or do you have another client-server combination in mind? If so, which? > In no case is the client out of luck; the message does make it where it > is going. On the contrary. The amount of damage depends on the importance of the 821/822 violation. A bad envelope can and will cause the permanent destruction of your message. A minor problem like a missing Date usually won't---but it will when the recipient is running certain software. > The point of the SUBMIT extension is to formalize the process, so the > first MTA knows it is being given permission to fix the message, and > all other MTAs leave it alone, but to still allow the proper thing to > be done when a client doesn't use SUBMIT when it should have. I don't understand. If the server _is_ willing to do ``the proper thing'' for the clients, with no special hints, then what's the problem? If the server _is not_ willing to provide that service, the client has no business sending a broken message. > Also, the draft specifies that the MTA which fixes the message documents > what changes were made. Oops, I missed that. Now I really don't understand what problem you're trying to solve. Users would kick and scream if From: bill To: joe@cs I've picked up the T-Rex---stop by my office and we'll digitize it. were turned into Date: 7 Aug 1996 02:16:35 -0700 (this field added by zoo.movie.edu) From: bill@zoo.movie.edu (was ``bill'', fixed by zoo.movie.edu) To: joe@cs.movie.edu (was ``joe@cs'', fixed by zoo.movie.edu) I've picked up the T-Rex---stop by my office and we'll digitize it. ---Dan
- Re: header-munging Tim Goodwin
- Re: header-munging D. J. Bernstein
- Re: header-munging D. J. Bernstein
- Re: header-munging Michael D'Errico
- Re: header-munging D. J. Bernstein
- Re: header-munging mark
- Re: header-munging D. J. Bernstein
- Re: header-munging Arnt Gulbrandsen
- Re: header-munging D. J. Bernstein
- Re: header-munging Michael D'Errico
- Re: header-munging Randall C. Gellens
- Re: header-munging Randall C. Gellens
- Re: header-munging Randall C. Gellens
- Re: header-munging Valdis.Kletnieks
- Re: header-munging Randall C. Gellens
- Re: header-munging Randall C. Gellens
- Re: header-munging Randall C. Gellens
- Re: header-munging Tim Goodwin
- Re: header-munging Randall C. Gellens
- Re: header-munging Tim Goodwin
- Re: header-munging Keith Moore
- Re: header-munging John W. Noerenberg
- Re: header-munging Harald.T.Alvestrand
- Re: header-munging Einar Stefferud
- Re: header-munging D. J. Bernstein
- Re: header-munging Tim Goodwin
- Re: header-munging Einar Stefferud
- Re: header-munging Keith Moore
- Re: header-munging D. J. Bernstein
- Re: header-munging D. J. Bernstein
- Re: header-munging D. J. Bernstein
- Re: header-munging Tim Goodwin
- Re: header-munging D. J. Bernstein
- Re: header-munging Keith Moore
- Re: header-munging D. J. Bernstein
- Re: header-munging Mark Horton
- Re: header-munging D. J. Bernstein
- Re: header-munging D. J. Bernstein
- Re: header-munging D. J. Bernstein
- Re: header-munging D. J. Bernstein
- Re: header-munging Randall C. Gellens
- Re: header-munging Keith Moore
- Re: header-munging Keith Moore
- Re: header-munging Ned Freed
- Re: header-munging Keith Moore
- Re: header-munging Keith Moore
- Re: header-munging Keith Moore
- Re: header-munging Keith Moore
- Re: header-munging Valdis.Kletnieks
- Re: header-munging Harald.T.Alvestrand
- Re: header-munging Valdis.Kletnieks
- Re: header-munging RANDY
- Re: header-munging RANDY
- Re: header-munging RANDY