Re: [Uta] SMTP Over TLS on Port 26 - Implicit TLS Proposal

"John Levine" <johnl@taugh.com> Tue, 08 January 2019 14:57 UTC

Date: 8 Jan 2019 09:57:25 -0500
Message-Id: <20190108145726.66DC0200C7073B@ary.local>
From: "John Levine" <johnl@taugh.com>
To: uta@ietf.org
Cc: alice@domblogger.net
In-Reply-To: <855a7d10-2af6-4f6b-148a-8c2f6d75960c@domblogger.net>
Organization: Taughannock Networks
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/nmB53F9Hg9yfPXCXeXv248evYhM>
List-Id: UTA working group mailing list <uta.ietf.org>

In article <855a7d10-2af6-4f6b-148a-8c2f6d75960c@domblogger.net> you write:
>MX servers would not be violating RFC if they rejected plain text 
>connection attempts (over 90% of which these days are spam).

10% is a pretty fat long tail.  The people I know who run production
mail systems are much more concerned about receiving all of the real
mail than rejecting spam earlier.

We went through all of this when we invented MTA-STS.  We know that
setting up a web server can be non-trivial but for a lot of places,
it's far easier than getting DNSSEC to work.  I recall a dinner at the
Buenos Aires IETF where we were trying to figure out if there were a
reasonable way to signal stuff in the DNS.  Magic names certainly came
up.

I think it would be a good idea for anyone interested in this topic to
go back through the mailing list discussion and read the drafts and
explain what is different now that we didn't know when we defined
MTA-STS a few months ago.

R's,
John