[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: iesg comment re message submission in draft-ietf-grip-isp-expectations-03.txt
At 8:07 AM +0200 5/30/00, Patrik Fältström wrote:
> - Number one important issue is that people start using SMTP AUTH
> - Number two is to use SMTP SUBMIT
I agree this these priorities.
> The reason for the use of the MSA is today much more about
> "submission of incomplete messages" than because of security issues
> and filtering on ip numbers, because as I describe above filtering
> on ip addresses doesn't work anymore. People do move around and
> need to be able to submit messages all the time. The
> differentiation in port numbers you describe in the document only
> works if you can do some filtering -- or the services MTA and MSA
> can be on the same port, 25.
If you separate submission from relay, it becomes easier to apply
security filters.
At 9:07 AM -0400 5/30/00, Mike O'Dell wrote:
> instead of offering reasoned advice in an reasonable tone, it
> makes pontifical demands in a very strident voice, ostensibily
> distinguishing the saved from the damned.
Are you saying the text in question does this?
How about this text:
----------
Message submissions should be authenticated using the AUTH SMTP
service extension as described in the "SMTP Service Extension for
Authentication" [RFC2554].
SMTP AUTH is preferred over IP address-based submission restrictions
in that it gives the ISP's customers the flexibility of being able to
submit mail even when not connected through the ISP's network (for
example, while at work), is more resistant to spoofing, and can be
upgraded to newer authentication mechanisms as they become available.
In addition, to facilitate the enforcement of security policy, it is
strongly recommended that messages be submitted using the MAIL SUBMIT
port (587) as discussed in "Message Submission" [RFC2476], rather
than through the SMTP port (25). In this way the SMTP port (25) can
be restricted to local delivery only.
The reason for this is to be able to differentiate between inbound
local delivery and relay (i.e., allow customers to send email via the
ISP's SMTP service to arbitrary receivers on the Internet).
Non-authenticated SMTP should only be allowed for local delivery.
As more and more mail clients support both SMTP AUTH and the message
submission port (either explicitly or by configuring the SMTP port),
ISPs may find it useful to require that customers submit messages
using both the submission port and SMTP AUTH; permitting only inbound
mail on port 25.
These measures (SMTP AUTH and the submission port) not only protect
the ISP from serving as a UBE injection point via third-party relay,
but also help in tracking accountability for message submission in
the case where a customer sends UBE.
----------