On 18-Dec-19 06:15, Alissa Cooper wrote: > Hi John, all, > > The principles that the IESG has laid out for spam control on IETF lists are available here: <https://www.ietf.org/about/groups/iesg/statements/spam-control-2008-04-14/>. An interesting feature of that statement is that it contains this: "This supercedes [sic] a previous IESG statement on this topic, dated 9 Jan 2006." However, the hyperlink to "previous IESG statement" is incorrect as it is actually a link back to the identical 2008 statement. Applying my archaeological skills, the original statement is at: https://www6.ietf.org/iesg/statement/spam-control-2006-01-09.html It did mention "c. Past behavior by that particular sending IP address;" as a criterion. So this is not a recent addition by any means. I agree of course that it's a policy choice, not a standards issue. As far as I can tell there was no specific committee; the 2006 statement was drafted by Bill Fenner who wrote to the IESG that "It's been discussed on the wgchairs list a few times, and this document is the result of the feedback." (There's an even older version at https://www6.ietf.org/IESG/STATEMENTS/mail-submit-policy-20020313.txt) Brian > These principles continue to guide spam control as implemented by the AMS IT team. The IESG is not involved in day-to-day decisions about how the principles are operationalized and was not involved at all in the handling of the ticket you cite below. > > With Glen’s help this week I’ve come to understand the history here, which was unknown to me before. It seems there was some sort of committee or group that existed a decade ago. Once when they met, one of their discussion topics was spam. Many measures including the one discussed in this thread were proposed, considered, and implemented. I don’t know much else about the group but it does not exist now. > > As you’ve seen from Jay’s email, he has taken the lead on operationalizing a response. Based on discussions with him and Glen I think they both know they can reach out to the IESG at any time if they have questions in interpreting the IESG statement above or any other IESG statements. > > Best, > Alissa on behalf of the IESG > >> On Dec 15, 2019, at 4:15 PM, John C Klensin <john-ietf@xxxxxxx> wrote: >> >> Hi. >> >> It has long been my personal belief that, in its operation of >> various of its own services on the Internet the IETF should >> adhere closely to its own standards. If we do not do so, we >> lose all credibility in recommending to others that they follow >> our standards. This practice has been referred to in many >> discussion threads over the years as "eating our own dog food". >> >> It has recently come to the attention of several of us, via an >> extended discussion on the SMTP list, that the IETF email >> servers are rejecting all SMTP connections whose EHLO commands >> contain IP address literals. While the text describing the >> appropriateness of use of IP literal is RFC 5321 is more >> complicated than it probably ought to be, the discussion in >> Section 4.1.4 of that document seems quite clear that an SMTP >> server MUST NOT reject a message simply because an IP address >> literal (or a domain name that does not point to a host) is >> used. Those interested in the niceties of that issue should >> review the correspondence on the ietf-smtp@xxxxxxxx list and >> comment there if appropriate. >> >> A ticket ( [www.ietf.org/rt #282782] ) was generated early in >> the month about the ietf.org mail servers apparently rejecting >> messages with IP address literals in the EHLO field. The >> rejection is accompanied by a reply message that appears to be >> inappropriate in multiple ways; again, those interested should >> see the ietf-smtp list for an already-extensive discussion. The >> Secretariat responded by indicating that all such addresses were >> being rejected and that the rejection was occurring under >> instructions from IETF leadership, instructions that were >> reaffirmed after the ticket was filed. Whatever the problem is, >> and indeed, whether there is a problem, the Secretariat is >> therefore blameless. I suggest that the IETF has a problem. >> >> The purpose of this note is _not_ to evaluate the underlying >> technical issues, what should be done about them, or whether the >> text in RFC 5321 should be improved. Those, it seems to me, are >> topics for the ietf-smtp list. They have been discussed there >> at length and presumably will continue to be discussed there. >> It is whether there is consensus among IETF participants that >> "the leadership" (I presume whatever bodies, individuals, or >> their designees are relevant) should have the authority to >> instruct the Secretariat to violate an IETF standard without >> consultation of appropriate experts within the community >> (presumably on relevant mailing lists), evidence of IETF rough >> consensus, and/or Internet Drafts that specify alterations to >> the relevant standard(s). I also don't want to cast blame about >> decisions of the past, only to understand what the process is >> for giving instructions to the Secretariat (or approving their >> suggestions) is now and whether IETF conformance to IETF >> standards is something we care about for the future. >> >> john >> > >
