nanog mailing list archives
Re: IPv6 isn't SMTP
From: Barry Shein <bzs () world std com>
Date: Thu, 27 Mar 2014 15:06:15 -0400
On March 27, 2014 at 08:51 blake () ispn net (Blake Hudson) wrote:
The primary issues I see with SMTP as a protocol related to the lack of authentication and authorization. Take, for instance, the fact that the SMTP protocol requires a mail from: and rcpt to: address (more or less for authentication and authorization purposes), but then in the message allows the sender to specify a completely different set of sender and recipient information that gets displayed in the mail client.
This is mostly a UI issue. The user interface could show anything, custom certainly has been as you describe: Show the message From: and make it tricky (for most people) to get the envelope info. Well, it's not mandatory that an MTA transmit the envelope info into the message headers and, almost worse, different MTAs seem to use different header fields for this. For example in SpamAssassin you are encouraged to set which field it should look at for the envelope sender. But that's not REALLY a problem with SMTP per se. Only in practice, if that's a useful distinction. I won't go point by point but I will say that SMTP has been extended several times -- just throw another verb into the mix to extend it. Which is a very useful observation. SMTP also can transmit which verbs are supported. One can extend a new idea and it's immediately interoperable. I suppose the obvious question is: What's to stop a spammer from putting a totally legitimate key into their spam? You also need some sort of reputation layer. Or maybe that makes it unworkable. I remember at the 2006 MIT Spam Conference where Eric Allman and I were keynotes we got into a bit of a tussle over exactly this during his question period. It was...amusing! -- -Barry Shein The World | bzs () TheWorld com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
Current thread:
- IPv6 isn't SMTP Cutler James R (Mar 25)
- Re: IPv6 isn't SMTP Paul S. (Mar 25)
- Re: IPv6 isn't SMTP John Levine (Mar 25)
- Re: IPv6 isn't SMTP Daniel Taylor (Mar 26)
- Re: IPv6 isn't SMTP rwebb () ropeguru com (Mar 26)
- Re: IPv6 isn't SMTP Andrew Sullivan (Mar 26)
- Re: IPv6 isn't SMTP Daniel Taylor (Mar 26)
- Re: IPv6 isn't SMTP Blake Hudson (Mar 26)
- Re: IPv6 isn't SMTP Jimmy Hess (Mar 26)
- Re: IPv6 isn't SMTP Blake Hudson (Mar 27)
- Re: IPv6 isn't SMTP Barry Shein (Mar 27)
- Re: IPv6 isn't SMTP Blake Hudson (Mar 27)
- Re: IPv6 isn't SMTP Barry Shein (Mar 27)
- Re: IPv6 isn't SMTP Blake Hudson (Mar 28)
- Re: IPv6 isn't SMTP Daniel Taylor (Mar 26)
- Re: IPv6 isn't SMTP Clay Fiske (Mar 27)
- Re: IPv6 isn't SMTP Blake Hudson (Mar 28)
- Re: IPv6 isn't SMTP Dave Crocker (Mar 27)
- Re: IPv6 isn't SMTP Lamar Owen (Mar 27)
- Re: IPv6 isn't SMTP James R Cutler (Mar 26)
- Re: IPv6 isn't SMTP John Levine (Mar 26)