If an MSA is not able to determine a return path to the submitting
user, from a valid MAIL FROM, a valid source IP address, or based on
authenticated identity, then the MSA SHOULD immediately reject the
message. A message can be immediately rejected by returning a 550
code to the MAIL command. ...
In any event, this language is unchanged since 2476 and it seems to me
that is that it's so obviously wrong that nobody's tried to do what it
says, making it harmless.
What's "a return path to the submitting user"? Why should an MSA
care?
It's a implementation quality thing. The longer you wait to return an error,
the less likely the notification will make it back to the person who needs to
know the message didn't make it.
Now I'm doubly confused. Are we interpreting this as "if the MSA knows
the message is messed up, reject it?" That's fine advice, but I can't see
any relation between that and the existing text.
I realize this advice has been in SUBMIT RFCs since 1998, but just out of
curiosity, what MUAs do that? I've never seen one. If after 13 years
nobody's taken the advice, perhaps it's time to stop.
There are several that came out of the X.400 world that do this - it's a
GOSIP requirement, more or less.
I would be inclined to agree with removing this if compliance language
were involved, but AFAICT it isn't. THis is just implementation advice, and
IMO it is sound implementation advice.
Seems a bit odd to reiterate advice that people have been ignoring for 13
years, but I suppose many of us have teen-aged children.
I've never used IPsec at all, being an ssh kind of guy. How about redoing
the advice to say something general about using session security
appropriate to the (in)security of the connection?
Sounds like a good idea to me. At this point I'm not even sure that it
is sound implementation advice to recommend IPSec. (I have been forced
to use IPSec; it has not been a happy experience at all and I'm
delighted that the trend seems to be towards TLS or ssh and away from
IPSec.)
OK, will try to invent a sentence or two.
Again, I see the point but in the not uncommon case that the MSA doesn't
have access to the full table of local addresses, the worst thing that
will happen is a bounce, which may be annoying but doesn't seem "unsafe"
to me.
I've seen this practice result in delivery to the wrong recipient. That
seems unsafe to me.
Huh? I send a message to "foo", an address that doesn't exist because the
user's address is actually "[email protected]". Then what happens?
Regards,
John Levine, [email protected], Taughannock Networks, Trumansburg NY
"I dropped the toothpaste", said Tom, crestfallenly.
_______________________________________________
yam mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/yam
