IETF Logo Mail Archive

Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-uta-smtp-require-tls-07: (with DISCUSS and COMMENT)

Viktor Dukhovni <ietf-dane@dukhovni.org> Tue, 26 February 2019 23:46 UTC

Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A7F912D829; Tue, 26 Feb 2019 15:46:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dg0qclM7vGez; Tue, 26 Feb 2019 15:45:59 -0800 (PST)
Received: from straasha.imrryr.org (straasha.imrryr.org [100.2.39.101]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 79CCD12D4EA; Tue, 26 Feb 2019 15:45:59 -0800 (PST)
Received: by straasha.imrryr.org (Postfix, from userid 1001) id B396214668; Tue, 26 Feb 2019 18:45:57 -0500 (EST)
Date: Tue, 26 Feb 2019 18:45:57 -0500
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: uta@ietf.org
Cc: uta-chairs@ietf.org, The IESG <iesg@ietf.org>, draft-ietf-uta-smtp-require-tls@ietf.org
Message-ID: <20190226234557.GT916@straasha.imrryr.org>
Reply-To: uta@ietf.org
References: <155072491254.20210.15187912705241578950.idtracker@ietfa.amsl.com> <7061cefb-0f2d-5257-e10c-95be14a7413f@bluepopcorn.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <7061cefb-0f2d-5257-e10c-95be14a7413f@bluepopcorn.net>
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/2_WyosIzNUenAh9Zr7c8s2laI_c>
Subject: Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-uta-smtp-require-tls-07: (with DISCUSS and COMMENT)
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Feb 2019 23:46:02 -0000

On Tue, Feb 26, 2019 at 03:26:05PM -0800, Jim Fenton wrote:

> >    If a REQUIRETLS message is bounced, the server MUST behave as if
> >    RET=HDRS was present as described in [RFC3461].  If both RET=FULL and
> >    REQUIRETLS are present, the RET=FULL MUST be disregarded and MAY be
> >    transformed to RET=HDRS on relay.  The SMTP client for a REQUIRETLS
> >
> > If the MAY is not taken, will the next hop be obligated to detect that this
> > is a bounce and apply the preceding MUSTs?  If not, perhaps this also
> > should be a MUST?
>
> It seems like it should, yes.

Actually, absolutely not.  It is not the job of email *relays* to
modify the message content, and they must not be obligated to do
so.  Message modifications break DKIM signatures, and require
content processing logic that relays are not expected to support.

The bounce is constructed as a new message at the server that
encounters the initial delivery problem, it is *only* at *that*
point that the decision can be made to include or exclude the
original message body in the bounce.

-- 
	Viktor.

v2.23.0 | Report a Bug | By Email