
Re: iesg comment re message submission in draft-ietf-grip-isp-expectations-03.txt



At 8:07 AM +0200 5/30/00, Patrik Fältström wrote:

>  - Number one important issue is that people start using SMTP AUTH
>  - Number two is to use SMTP SUBMIT

I agree with these priorities.

>  The reason for the use of the MSA is today much more about 
> "submission of incomplete messages" than because of security issues 
> and filtering on ip numbers, because as I describe above filtering 
> on ip addresses doesn't work anymore. People do move around and 
> need to be able to submit messages all the time. The 
> differentiation in port numbers you describe in the document only 
> works if you can do some filtering -- or the services MTA and MSA 
> can be on the same port, 25.

If you separate submission from relay, it becomes easier to apply 
security filters.


At 9:07 AM -0400 5/30/00, Mike O'Dell wrote:

>  instead of offering reasoned advice in a reasonable tone, it
>  makes pontifical demands in a very strident voice, ostensibly
>  distinguishing the saved from the damned.

Are you saying the text in question does this?


How about this text:

----------

Message submissions should be authenticated using the AUTH SMTP 
service extension as described in the "SMTP Service Extension for 
Authentication" [RFC2554].

SMTP AUTH is preferred over IP address-based submission restrictions 
in that it gives the ISP's customers the flexibility of being able to 
submit mail even when not connected through the ISP's network (for 
example, while at work), is more resistant to spoofing, and can be 
upgraded to newer authentication mechanisms as they become available.

In addition, to facilitate the enforcement of security policy, it is 
strongly recommended that messages be submitted using the MAIL SUBMIT 
port (587) as discussed in "Message Submission" [RFC2476], rather 
than through the SMTP port (25). In this way the SMTP port (25) can 
be restricted to local delivery only.

The reason for this is to be able to differentiate between inbound 
local delivery and relay (i.e., allow customers to send email via the 
ISP's SMTP service to arbitrary receivers on the Internet). 
Non-authenticated SMTP should only be allowed for local delivery.

As more and more mail clients support both SMTP AUTH and the message 
submission port (either explicitly or by configuring the SMTP port), 
ISPs may find it useful to require that customers submit messages 
using both the submission port and SMTP AUTH; permitting only inbound 
mail on port 25.

These measures (SMTP AUTH and the submission port) not only protect 
the ISP from serving as a UBE injection point via third-party relay, 
but also help in tracking accountability for message submission in 
the case where a customer sends UBE.


----------
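
The policy in the proposed text above, modeled as a per-recipient accept/reject decision. This is an added example, not part of the original message or the draft; the domain `isp.example`, the user names and the `strict` flag (the "require both" option in the fifth paragraph) are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

LOCAL_DOMAINS = {"isp.example"}  # constructed: domains the ISP delivers locally
SMTP_PORT, SUBMISSION_PORT = 25, 587

@dataclass
class Rcpt:
    port: int                 # port the client connected to
    auth_user: Optional[str]  # identity from SMTP AUTH, None if unauthenticated
    rcpt_to: str              # envelope recipient

def decide(r: Rcpt, strict: bool = False) -> Tuple[bool, str]:
    """Return (accept, reason) for one RCPT TO.
    strict=True models the option where port 25 carries inbound mail only."""
    domain = r.rcpt_to.rsplit("@", 1)[-1].lower()
    local = domain in LOCAL_DOMAINS
    if r.port == SUBMISSION_PORT:
        # Submission port: AUTH is mandatory; the identity gives accountability.
        if r.auth_user is None:
            return False, "submission requires SMTP AUTH"
        return True, f"submission accepted, accountable to {r.auth_user}"
    if r.port == SMTP_PORT:
        if local:
            return True, "inbound local delivery"
        # Non-local recipient on 25 is a relay request.
        if r.auth_user is not None and not strict:
            return True, f"authenticated relay on 25, accountable to {r.auth_user}"
        return False, "relay denied on port 25"
    return False, "not a mail port"

if __name__ == "__main__":
    # Constructed sample sessions.
    samples = [
        Rcpt(25, None, "alice@isp.example"),      # inbound from the Internet
        Rcpt(25, None, "victim@other.example"),   # third-party relay attempt
        Rcpt(587, None, "bob@other.example"),     # roaming user, no AUTH
        Rcpt(587, "carol", "bob@other.example"),  # roaming user, with AUTH
        Rcpt(25, "carol", "bob@other.example"),   # AUTH on 25
    ]
    for s in samples:
        print(s, decide(s), decide(s, strict=True))
```

The last sample is the only one whose outcome depends on `strict`: authenticated relay on port 25 is accepted under the baseline wording and refused once port 25 is restricted to inbound mail.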