> It has long been my personal belief that, in its operation of
> various of its own services on the Internet the IETF should
> adhere closely to its own standards. If we do not do so, we
> lose all credibility in recommending to others that they follow
> our standards. This practice has been referred to in many
> discussion threads over the years as "eating our own dog food".
>
> It has recently come to the attention of several of us, via an
> extended discussion on the SMTP list, that the IETF email
> servers are rejecting all SMTP connections whose EHLO commands
> contain IP address literals. While the text describing the
> appropriateness of use of IP literal is RFC 5321 is more
> complicated than it probably ought to be, the discussion in
> Section 4.1.4 of that document seems quite clear that an SMTP
> server MUST NOT reject a message simply because an IP address
> literal (or a domain name that does not point to a host) is
> used. Those interested in the niceties of that issue should
> review the correspondence on the ietf-smtp@xxxxxxxx list and
> comment there if appropriate.
>
> A ticket ( [www.ietf.org/rt #282782] ) was generated early in
> the month about the ietf.org mail servers apparently rejecting
> messages with IP address literals in the EHLO field. The
> rejection is accompanied by a reply message that appears to be
> inappropriate in multiple ways; again, those interested should
> see the ietf-smtp list for an already-extensive discussion. The
> Secretariat responded by indicating that all such addresses were
> being rejected and that the rejection was occurring under
> instructions from IETF leadership, instructions that were
> reaffirmed after the ticket was filed. Whatever the problem is,
> and indeed, whether there is a problem, the Secretariat is
> therefore blameless. I suggest that the IETF has a problem.
>
> The purpose of this note is _not_ to evaluate the underlying
> technical issues, what should be done about them, or whether the
> text in RFC 5321 should be improved. Those, it seems to me, are
> topics for the ietf-smtp list. They have been discussed there
> at length and presumably will continue to be discussed there.
> It is whether there is consensus among IETF participants that
> "the leadership" (I presume whatever bodies, individuals, or
> their designees are relevant) should have the authority to
> instruct the Secretariat to violate an IETF standard without
> consultation of appropriate experts within the community
> (presumably on relevant mailing lists), evidence of IETF rough
> consensus, and/or Internet Drafts that specify alterations to
> the relevant standard(s). I also don't want to cast blame about
> decisions of the past, only to understand what the process is
> for giving instructions to the Secretariat (or approving their
> suggestions) is now and whether IETF conformance to IETF
> standards is something we care about for the future.
excuse if i stay out of the above layer seven issue(s) you raise.
american, brit, ietf, ... politics disgust me, and discussion seems
futile.
but, as one of my hats is in ops, i gotta ask two technical questions.
o would it be technically easy for the smtp servers to accept ip
literals in a conforming manner? yes, this is a question for my
esteemed friend glen and his partner in crime, matt.
o what would the technical and/or security exposure or other
downside(s) be of doing so?
randy
