Re: IETF SMTP Working Group Proposal at smtpng.org

[Avleen Vig <lists-nanog () silverwraith com>]

On Tue, 20 Aug 2002, william () elan net wrote:

> Several (if not most) of the issues indeed have solutions available (which
> is BIG plus for this project), almost none have any standards and there
> is no wide use at all. I want standards to be defined and in a way that
> would encorage worldwide use of these features and in my view it means
> new version of the protocol (with backward compatibility). I fully
> understand that this will not be implemented in couple years and if this
> all goes though, we'll be lucky to see the features used in any serious
> manner in no less then 5 years.

As you say there are a number of good solutions availible for most of the
problems that you have shown.
Unfortuantely I don't believe the lack of uptake is due to either
complexity, unavailibility, or lack of standardization.
Rather, it is a matter of convenience to not use some features, or lack of
need to use other features.

For example, there is very little need to use protocol level server <->
server encrypted links, as it's more preferable to use user-level
encryption such as PGP. This is prefered because I cannot guarantee that
every hop in my transmission will be secure, or that the level of security
will be sufficient for my needs.

SMTP AUTH is availible, but only really required where one wants to allow
relaying through servers from remote netblocks. So there's no great need
to do it.

I have a feeling I understand what you're trying to accomplish, but maybe
we should work at this from another angle - what are the more basic
problems oyu're trying to fix? Spam? Lack of encryption? Remote relaying?
Understand that they are NOT the same problem and should be handled
seperately. You can't say spam is a 'security' problem - it's a social
problem.