> There is a strong rough consensus in the email operations community that open
> relays -- MTAs that accept mail from any source on the open Internet, when it is
> directly destined to go back out to the Internet -- prevent providing
> reasonable levels of message sender accountability.
> That rough consensus has been in place for quite a few years.

sometimes rough consensus is wrong, particularly when it hasn't resulted
from informed, intelligent dialogue. another way to put it is that
sometimes rough consensus is indistinguishable from blind prejudice.

it's possible to have open relays that don't contribute to spam. but
those relays need to employ some other means, e.g. rate limiting, to
block spam. the goal of such relays is to make it at least as easy for
the spammer to simply contact the appropriate MXes for the destination
addresses as to use the relays. of course it is necessary for such
relays to record source IP addresses, etc., so that they are as
traceable to their origin as messages sent directly to MXes.

unfortunately, the vigilante character of various open-relay blacklists
killed any attempt at this kind of innovation. just as we're now in
danger of various kinds of brain-dead "authentication" methods and
meaningless requirements killing useful email functionality.

> The fact that attackers are not trying to exploit a particular weakness right
> now, although they used it heavily in the past, does not justify leaving the
> weakness in place.

this much is certainly true.

Keith