From: [email protected] [mailto:[email protected]] On Behalf Of Steve Atkins
Sent: Thursday, April 19, 2012 5:01 PM
To: [email protected]
Subject: Re: [marf] Reviewers for draft-kucherawy-marf-source-ports

I'm not sure that [LOG] *as applied to email* has value in the real world. 
Sure, a mix of spam and legitimate mail might leak out from a NAT, but the fix 
for that is to not allow port 25 outbound from the NAT and route it to a 
smarthost (where it can be filtered, throttled and have correct Received 
headers to identify the user added) instead.

It's reasonably harmless to add this information to ARF reports, but to 
standardize it implies that allowing outbound port 25 from a carrier-grade NAT 
is acceptable practice, which goes against the "don't let end-users or 
dynamically assigned users send mail directly to receiver MXes" and "don't 
allow port 25 through a NAT" principles we've been pushing for a while.

[MSK: I don't think publishing this extension amounts to an endorsement of 
allowing outbound port 25 from within a CGN.  Why is ARF the right place to 
make that stand?  For cases where such is allowed, the data exchange is 
desired.  Preventing ARF from doing it won't change ISP policies.]


What about ident?

[MSK: Does anyone still use that?]

Sure. I'm not suggesting people use it, but this proposal is a less reliable, 
less privacy-friendly, replacement for ident so I thought I'd at least mention 
it.

[MSK: I don't think ident has enough current support to make it a viable 
alternative.  How is adding ports to ARF reports a privacy concern?]

Cheers,
  Steve
_______________________________________________
marf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/marf
