Open Pluggable Edge Services (OPES) SMTP Use Cases
draft-ietf-opes-smtp-use-cases-06

In the example in sect 3.1.1 it uses IP addresses:

      C: HELO [192.168.0.138]
      S: 250 mail.example.com Hello [192.168.0.138]

that do not conform to RFC3330 which sets aside a range
of IP addresses (192.0.2.0/24) for use in examples.

I'm not sure I can reconcile the first sentence of the last paragraph of section 3 with the first sentence of section 3.1:

   In this work the OPES processor may be any agent that is
   participating in SMTP exchanges, including an MSA, MTA, MDA, and MUA.
[...]
   In this work an MTA is the OPES processor device that sits in the
   data stream of the SMTP protocol.

The first mail server in Figure 3 is both an MSA and an MTA; if the OCP callout happens during the MSA's reception of the message from the MUA then that seems to contradict the second of the above sentences.


Is there a reason for the ordering of OCP first or last in "OCP/SMTP" vs. "HTTP/OCP"?  [4] never seems to refer to itself as HTTP/OCP.


Do any of these use cases enable 'graylisting'?  4.8 seems close except it seems to only mention permanent rejection.

Nits from Gen-ART review by Spencer Dawkins:

I found a few nits, probably AUTH-48, but just to write them down now:

- In the last paragraph of the Introduction, there were just a few too many pronouns for me to easily parse

  This work focuses on SMTP based services that want to modify command
  values and those that want to block commands by defining an error
  response that the MTA should send in response to the response it
  received.

I wasn't sure what "those" and "it" were actually pointing to (I could guess, but I'd be guessing).

- OCP isn't expanded on first use.

- The text under Figure 3 refers to "the MTA (the OPES processor)", but there are three MTAs in Figure 3, all with OCP callout servers. Should this have been plural, or was the reference to one of the three MTAs (and, if so, which one)?

- In Section 4.1, one of the actions is "The attachment is removed by an error message" - should this be "replaced by an error message"? "removed, and an error message generated"? Or did I misunderstand?

- In Section 5, I think what you're saying is "this document does not describe any new protocol functionality, it only shows use cases for OPES with SMTP, so does not introduce any new security considerations beyond current considerations for SMTP and OPES" - sorry, but we see enough "no new security considerations" that we get suspicious quickly!