[51383] in North American Network Operators' Group
Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at
daemon@ATHENA.MIT.EDU (David Van Duzer)
Mon Aug 26 18:11:07 2002
From: David Van Duzer <dvanduzer@infidels.org>
To: nanog@merit.edu
In-Reply-To: <lyr8glpa1b.fsf@gfn.org>
Date: 26 Aug 2002 16:08:57 -0600
Errors-To: owner-nanog-outgoing@merit.edu
On Mon, 2002-08-26 at 15:47, Scott Gifford wrote:
>
> The problem that this deals with is the user who needs to dial in to
> AOL and send mail from their corporate account. The proposed solution
> is to tunnel mail through the corporate server, by proving your right
> to relay via SMTP AUTH or else via a VPN.
>
> To make this work well requires support for SMTP AUTH and probably
> STARTTLS (unless the company implementing this proposal wants
> cleartext passwords flying over AOL's network) for all domains which
> want to support Paul's proposal. This isn't necessarily all that
> unreasonable, but should be spelled out more clearly, and makes
> implementation much more involved.
Precisely. It's only an issue for those who implement the feature.
Another thought that came to mind was a sort of hybrid between this and
the central registry of trusted servers.
Rather than maintain a central registry, the mail-from server could
provide its own registry of trusted keys for its own domain. Granted,
this is probably just as complicated as widely implementing SMTP AUTH,
but it does give a little more flexibility for those complaining that
this would break "home-grown" mail servers.
What I am mostly curious about is if there are any potential problems
with those who choose to ignore the feature entirely.
-dvd
