Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

  • From: Scott Gifford
  • Date: Mon Aug 26 18:25:02 2002

David Van Duzer <dvanduzer@infidels.org> writes:

> On Mon, 2002-08-26 at 15:47, Scott Gifford wrote:
> > 
> > The problem that this deals with is the user who needs to dial in to
> > AOL and send mail from their corporate account.  The proposed solution
> > is to tunnel mail through the corporate server, by proving your right
> > to relay via SMTP AUTH or else via a VPN.
> > 
> > To make this work well requires support for SMTP AUTH and probably
> > STARTTLS (unless the company implementing this proposal wants
> > cleartext passwords flying over AOL's network) for all domains which
> > want to support Paul's proposal.  This isn't necessarily all that
> > unreasonable, but should be spelled out more clearly, and makes
> > implementation much more involved.
> 
> 
> Precisely.  It's only an issue for those who implement the feature. 
> Another thought that came to mind was a sort of hybrid between this and
> the central registry of trusted servers.

If a large ISP, say AOL, implements this, and I operate the mailserver
with users who send (relay through me) mail with a from address of
their (legitimate) AOL account, I'm choosing to ignore the feature
entirely, but it's still affecting me and my users.

If a large ISP, say AOL, implements this, and I'm an end-user trying
to send mail with a from address at my (legitimate) AOL account, I'm
choosing to ignore the feature entirely, but it's still affecting me.

I know this isn't what you're looking for, but individual domains
aren't so isolated that you can implement this sort of thing without
zero effect on other mailservers.

You really have to solve the whole problem before it becomes usable at
all.  I'm not saying it's an unsolvable problem, just that these two
issues need to be better addressed before it's a usable suggestion.

----ScottG.




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.