[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

draft-ietf-grip-isp-expectations-03.txt

To: grip-wg@TransSys.COM
Subject: draft-ietf-grip-isp-expectations-03.txt
From: Randy Bush <randy@psg.com>
Date: Mon, 22 May 2000 19:14:32 -0700
Comment: grip-wg mailing list add/drop requests to Majordomo@TransSys.COM

iesg comments included the appended.

randy

----

>   ISPs should also strongly encourage their customers to disable open
>   relaying on their mail servers.  Sanctions for running an open mail
>   relay should be covered in an ISP's AUP.

I don't like the use of the word "Sanctions" in this context. I am
particularly concerned because the exact definition of "Open Relay"
varies with different people defining it to mean different things. I
really don't want to further encourage the anti-spam fanatics with such
language.

>5.4 Message Submission
>
>   To facilitate the enforcement of security policy message submission
>   should be done through the MAIL SUBMIT port (587) as discussed in
>   "Message Submission" [RFC2476], rather than through the SMTP port
>   (25).  In addition, message submissions should be authenticated using
>   the AUTH SMTP service extension as described in the "SMTP Service
>   Extension for Authentication" [RFC2554].  In this way the SMTP port
>   (25) can be restricted to local delivery only.

This stuff isn't really deployed yet so this paragraph (and the following
related paragraph) are not really appropriate. Perhaps a forward looking
paragraph stating that ISP's should install servers that can accept the
MAIL SUBMIT protocol as soon as feasible to encourage deployment.

Prev by Date: Re: Security Expectations for Internet Service Providers to BCP
Next by Date: iesg comment re message submission in draft-ietf-grip-isp-expectations-03.txt
Previous by thread: draft-ietf-grip-isp-expectations-03.txt
Next by thread: Re: draft-ietf-grip-isp-expectations-03.txt
Index(es):
- Date
- Thread