RE: Last Call: <draft-ietf-marf-spf-reporting-08.txt> (SPF Authentication Failure Reporting using the Abuse Report Format) to Proposed Standard

> -----Original Message-----
> From: ietf-bounces@xxxxxxxx [mailto:ietf-bounces@xxxxxxxx] On Behalf Of Scott Kitterman
> Sent: Friday, March 02, 2012 9:19 AM
> To: ietf@xxxxxxxx
> Subject: Re: Last Call: <draft-ietf-marf-spf-reporting-08.txt> (SPF
> Authentication Failure Reporting using the Abuse Report Format) to
> Proposed Standard
> 
> > >    "The HELO/EHLO command SHOULD also be selected so that it
> > >     will pass [SPF] HELO checks."
> > >
> > > I could not understand what to do about the above recommendation.
> > > FWIW, the command is specified in RFC 5321.  That specification is
> > > not referenced by this draft.
> >
> > Yes, that needs to be clarified, the reference added, and the typo in
> > the section title needs correction.
> 
> I agree I should add the reference to 5321.  Is informative sufficient
> (I don't think any detailed understanding of Mail From or EHLO/HELO is
> necessary to implement this spec)?
> 
> I can see the construction is awkward, but I'm not sure how to make it better.
> I'd appreciate suggestions.

I suggest:

OLD:
   In addition to the advice in security considerations of
   [I-D.IETF-MARF-AS] the additional consderations apply to [SPF] auth
   failure reports.  If the MAIL FROM command is not the NULL return
   address, i.e., "MAIL FROM:<>", then the selected MAIL FROM address
   MUST pass [SPF] MAIL FROM checks on receipt.  The HELO/EHLO command
   SHOULD also be selected so that it will pass [SPF] HELO checks.

NEW:
	In addition to the advice in the Security Considerations section of
	[I-D.IETF-MARF-AS], these additional considerations apply to
	generation of [SPF] authentication failure reports:

	o If the return address to be used will not be the NULL return
	  address, i.e., "MAIL FROM:<>", then the selected return address
	  MUST be selected such that it will pass [SPF] MAIL FROM checks
	  upon initial receipt.

	o If the report is passed to the Mail Submission Agent (MSA)
	  using [SMTP], the HELO/EHLO command parameter SHOULD also be
	  selected so that it will pass [SPF] HELO checks.

If needed, MSA is defined in RFC5598, so maybe this is another argument for adding it as an informative reference and changing to use ADMD as discussed in the other thread.

-MSK
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
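
The two bullets in the proposed NEW text amount to a pre-send check on the envelope a report generator plans to use. The sketch below is an added example, not part of this thread or of the draft; the domains, addresses and SPF records are constructed, the `check_host` and `preflight` names are hypothetical, and the evaluator handles only the `ip4`, `ip6` and `all` mechanisms with records held in a dictionary instead of DNS.

```python
import ipaddress

# Constructed SPF records standing in for DNS TXT lookups (documentation ranges).
SPF_RECORDS = {
    "reports.example.net": "v=spf1 ip4:192.0.2.0/24 -all",
    "mta1.example.net": "v=spf1 ip4:192.0.2.25 -all",
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_host(ip, domain, records=SPF_RECORDS):
    """Evaluate a subset of SPF (ip4, ip6, all) for `ip` against `domain`."""
    terms = records.get(domain.lower(), "").split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"  # no SPF record published for this identity
    addr = ipaddress.ip_address(ip)
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        if name.lower() == "all":
            return QUALIFIERS[qualifier]
        if name.lower() not in ("ip4", "ip6"):
            return "permerror"  # mechanism outside this simplified subset
        net = ipaddress.ip_network(arg, strict=False)
        if addr.version == net.version and addr in net:
            return QUALIFIERS[qualifier]
    return "neutral"  # nothing matched and no "all" term

def preflight(sending_ip, helo_name, return_address):
    """Check the planned envelope; return_address "" means MAIL FROM:<>."""
    helo = check_host(sending_ip, helo_name)
    if return_address:
        mailfrom = check_host(sending_ip, return_address.rpartition("@")[2])
    else:
        # With a null return address, SPF (RFC 4408) evaluates the
        # MAIL FROM identity as postmaster@<HELO name>.
        mailfrom = helo
    problems = []
    if return_address and mailfrom != "pass":
        problems.append(f"MUST: MAIL FROM check is {mailfrom}")
    if helo != "pass":
        problems.append(f"SHOULD: HELO check is {helo}")
    return {"helo": helo, "mailfrom": mailfrom, "problems": problems}

if __name__ == "__main__":
    print(preflight("192.0.2.25", "mta1.example.net", "arf@reports.example.net"))
    print(preflight("203.0.113.9", "mta1.example.net", ""))
```

With a null return address only the SHOULD applies, but the HELO name then also decides the receiver's MAIL FROM result, so a generator that sends `MAIL FROM:<>` still depends on publishing an SPF record for its HELO name.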

