North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: IETF SMTP Working Group Proposal at smtpng.org
- From: batz
- Date: Wed Aug 21 12:38:44 2002
On Wed, 21 Aug 2002, Avleen Vig wrote:
:I have a feeling I understand what you're trying to accomplish, but maybe
:we should work at this from another angle - what are the more basic
:problems oyu're trying to fix? Spam? Lack of encryption? Remote relaying?
:Understand that they are NOT the same problem and should be handled
:seperately. You can't say spam is a 'security' problem - it's a social
Spam is very much a security problem.
Spam would not exist if both MUA's and MTA's had adequate policy
enforcement features on them, so that users could set granular
controls on what was allowed into their mailboxes.
Policy enforcement is explicitly a security function, and spam can
even be defined as any message that relies on this lack of policy
enforcement tools for it to be delivered.
It is not a social problem, or even a matter of personal taste if
it leverages the inability of the user to enforce a policy on
what enters their mail servers.
TMDA (Tagged Message Delivery Agent) is an excellent example of
how policy can be set on MTA's and MUA's. It's rough ( tmda.net)
but IMHO, it offers a glimpse at what the future of mail delivery is
going to look like.
Any attempt to circumvent the policy becomes (by definition) a
network policy violation, and unauthorized access, and there
are social and legal tools to deal with unauthorized access.
I can see why this group is looking at adding features to SMTP,
as everyone understands that it is limited, and those limitations
have become an expensive liability.
Meaningful Secrity/policy enforcement options would be a welcome
addition to both MUA/MTA software, or maybe even the protocol itself.