Network Working Group                                         C. Hutzler
Internet-Draft                                                       AOL
Expires: September 6, 2005                                    D. Crocker
                                             Brandenburg Internetworking
                                                              P. Resnick
                                                   QUALCOMM Incorporated
                                                              R. Sanders
                                                         Earthlink, Inc.
                                                               E. Allman
                                                          Sendmail, Inc.
                                                          March 26, 2004
                                              Updated September 15, 2004
                                                   Updated March 7, 2005


             Email Submission Between Independent Networks
                        draft-hutzler-spamops-03

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that other
   groups may also distribute working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at http://
   www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on September 6, 2005

Copyright Notice

   Copyright (C) The Internet Society (2005). All Rights Reserved.

   By submitting this Internet-Draft, any applicable patent or other IPR
claims of
   which I am aware have been disclosed in accordance with RFC 3668

Full Copyright Statement

   Copyright (C) The Internet Society (2005). All Rights Reserved. This
document is
   subject to the rights, licenses and restrictions contained in BCP 78, and
   except as set forth therein, the authors retain all their rights."

   "This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works. However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assignees.

Abstract

   Email has become a popular distribution service for a variety of
   socially unacceptable, mass-effect purposes. The most obvious ones
   include spam and worms. This note recommends conventions for the
   operation of email submission and transport services between
   independent operators, such as enterprises and Internet Service



Hutzler, et al.        Expires September 6, 2005               [Page 1]


Internet-Draft             Email Port Access                  March 2005


   Providers. Its goal is to improve lines of accountability for
   controlling abusive uses of the Internet mail service. Consequently
   the document offers recommendations for constructive operational
   policies between independent operators of email transmission
   services.

   The document will seek BCP status. Comments and discussion of this
   document should be addressed to the ietf-smtp@imc.org mailing list
   or the Ant-Spam Research Group (ASRG).

Table of Contents

   1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . .   3
   2. Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .   4
   3. Submission, Relaying, Delivery . . . . . . . . . . . . . . . .   5
   4. External Submission  . . . . . . . . . . . . . . . . . . . . .   6
   5. Message Submission Authentication Technologies . . . . . . . .   8
   6. Security Considerations  . . . . . . . . . . . . . . . . . . .   9
   A. Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . .  10
      Normative References . . . . . . . . . . . . . . . . . . . . .  11
      Informative References . . . . . . . . . . . . . . . . . . . .  12
      Authors' Addresses . . . . . . . . . . . . . . . . . . . . . .  12
      Intellectual Property and Copyright Statements . . . . . . . .  14





























Hutzler, et al.        Expires September 6, 2005
[Page 2]


Internet-Draft             Email Port Access                  March 2005


1. Introduction

   The very characteristics that make email such a convenient
   communications medium - its near ubiquity, rapid delivery and low
   cost - have made it a fertile ground for the distribution of unwanted
   or malicious content. Spam, fraud and worms have become a serious
   problem, threatening the viability of email and costing end users and
   providers millions of dollars in damages and lost productivity. In
   recent years, independent operators including enterprises and ISPs
   have turned to a number of different technologies and processes, in
   an attempt to combat these problems, with varying effect and with
   vastly different impacts on users and on the Internet mail
   infrastructure.

   Email will often travel between multiple independent providers of
   email transmission services, en route to its final destination. They
   will generally have no prior arrangement with one another and may
   employ different rules on the transmission. It is therefore difficult
   both to debug problems that occur in mail transmission and to assign
   accountability if undesired or malicious mail is injected into the
   Internet mail infrastructure.

   This document suggests operational policies that independent
   operators of email transmission services may adopt, to assist in
   providing continued, smooth operation of Internet email, but with
   controls in place to improve accountability. These policies are
   appropriate for operators of all sizes and may be implemented by
   operators independently, without regard for whether the other side of
   an email exchange has implemented them.

   It is important to note that the adoption of these policies alone
   will not solve the problems of spam and other undesirable email.
   However they provide a useful step in clarifying lines of
   accountability and interoperability between operators. This will help
   raise the bar for abusers, and will pave the way for additional tools
   to preserve the utility of the Internet email infrastructure.















Hutzler, et al.        Expires September 6, 2005               [Page 3]


Internet-Draft             Email Port Access                  March 2005


2. Terminology

   The Internet email architecture distinguishes four message- handling
   components:

   o  Mail User Agents (MUAs)

   o  Mail Submission Agents (MSAs)

   o  Mail Transfer Agents (MTAs)

   o  Mail Delivery Agents (MDAs)

   At the origination end, an MUA works on behalf of end-users to create
   a message and performs initial "submission" into the transmission
   infrastructure, via an MSA.  An MSA accepts the message submission,
   performs any necessary pre- processing on the message and relays the
   message to an MTA for transmission.  MTAs relay messages to other
   MTAs, in a sequence reaching a destination MDA that, in turn,
   delivers the email to the recipient's inbox. The inbox is part of the
   recipient-side MUA that works on behalf of the end-user to process
   received mail.

   These architectural components are often compressed, such as having
   the same software do MSA, MTA and MDA functions. However the
   requirements for each of these components of the architecture are
   becoming more extensive, so that their separation is increasingly
   common.

      Note: The key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
      "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED",  "MAY", and
      "OPTIONAL" in this document are to be interpreted as described in
      RFC 2119 [3].


















Hutzler, et al.        Expires September 6, 2005               [Page 4]


Internet-Draft             Email Port Access                  March 2005


3. Submission, Relaying, Delivery

   The MSA, MTA and MDA functions used to be considered as the same set
   of functions.  This has been reflected in the history of Internet
   mail by having MSA, MTA and MDA transfers all be performed with SMTP
   [2], over TCP Port 25. Internet mail permits email to be exchanged
   with no prior arrangement.  Hence Port 25 exchanges occur without
   sender authentication. That is, the sender is not necessarily known
   by the relaying MTAs or the MDA.

   It is important to distinguish MUA-to-MSA email submission, versus
   MTA relaying, versus the final MTA-to-MDA transmission, prior to
   MDA-to-MUA delivery. Submission typically does entail a relationship
   between client and server; equally, the MDA can determine that it
   will be effecting final delivery and has an existing relationship
   with the recipient.  That is, MSAs and MDAs can take advantage of
   having prior relationships with users, in order to constrain their
   transfer activities.

   Specifically, an MSA can choose to reject all postings from MUAs for
   which it has no existing relationship.  Similarly, an MDA can choose
   to reject all mail to recipients for which that MDA has no
   arrangement to perform delivery.  Indeed, both of these policies are
   already in common practice.

   Best practices are:

   o  Operators of MSAs MUST perform authentication during mail
      submission, based on an existing relationship with the submitting
      entity. This requirement applies to all mail submission
      mechanisms.

   o  For email being received from outside their local operational
      environment, email service operators MUST distinguish between mail
      that will be delivered inside that environment, from mail that is
      to be relayed back out to the Internet.  This prevents the problem
      embodied by "open" relays.

   o  Mail coming from outside an email operator's local environment,
      and having a RCPT-TO address that resolves to a destination
      outside the local environment, MUST be treated as mail submission,
      rather than mail relaying.

   o  MDAs SHALL NOT accept mail to recipients for which that MDA has no
arrangement to perform
      delivery.






Hutzler, et al.        Expires September 6, 2005               [Page 5]


Internet-Draft             Email Port Access                  March 2005


4. External Submission

   An MUA, such as one desiring enforced privacy, may need to submit
   mail across the Internet, rather than to a local MSA. This
   requirement creates a challenge for the provider operating the
   network that hosts the MUA.  It makes that provider an involuntary
   recruit to the task of solving mass- effect email problems. When the
   MUA participates in a problem that affects large numbers of Internet
   users, the operator is expected to effect remedies and is often
   expected to prevent such occurrences.

   A proactive technique used by some providers is to block all outbound
   Port 25 SMTP traffic or to force this traffic through a local SMTP
   proxy, except for hosts that are explicitly authorized. This can be
   problematic for some users, notably legitimate mobile users
   attempting use their "home" MSA, even though those users might
   already employ legitimate, Port 25-based authentication.

   This document offers no recommendation concerning the blocking of
   SMTP Port 25.

   Rather, it pursues the constructive benefit of using the official
   SUBMISSION Port 587 [1].

   Best practices are:

   o  MSAs MUST support the SUBMISSION port, for MUAs accessing from
      outside the MSA's local environment.

   o  MSAs MUST perform authentication during all mail transactions on
      the SUBMISSION port, even for a message having a RCPT TO address
      that would not cause the message to be relayed.

   o  Access Providers SHALL NOT block users from accessing the external
      Internet using the SUBMISSION port.

   o  MUAs SHOULD use the SUBMISSION port for message submission.

   Note that the requirement for authentication, on the part of the MSA,
   thereby makes that MSA responsible for the ensuing traffic it
   generates.










Hutzler, et al.        Expires September 6, 2005               [Page 6]


Internet-Draft             Email Port Access                  March 2005


   Figure 1 depicts examples of a local user (MUA.l) submitting a
   message to an MSA (MSA). It also shows a remote user (MUA.r), such as
   might be in a coffee shop offering "hotspot" wireless access,
   submitting a message to their "home" MSA via an Authenticated Port
   587 transaction.

            "Home" Network    smtp     /--------\      Destination
         +-------+    +-----+ port 25 |          |    +----------+
         | MUA.l | -> | MSA | ------> |          | -> |   MDA    |
         +-------+ 25 +-----+         | INTERNET | 25 +----------+
                   or    ^            |          |
                  587    \--------<---|---\      |
                                       \---\----/
                                           ^ SUBMISSION
                                           | Port 587
                                       +--------+
                                       |  MUA.r |
                                       +--------+
                                       "HotSpot"

                  Figure 1: Example of Port 587 Usage






























Hutzler, et al.        Expires September 6, 2005               [Page 7]


Internet-Draft             Email Port Access                  March 2005


5. Message Submission Authentication Technologies

   There are many different technologies available to authenticate
   message submission transactions. These range from simple mechanisms
   like POP authorization before SMTP and IP Address access lists all
   the way to SMTP AUTH [4] and client side certificates using Transport
   Layer Security (TLS) [5]. Depending on the environment, each of these
   mechanisms can be more or less effective and convenient.
   Organizations are encouraged to choose the most secure approach that
   is practical.

   For example, SMTP AUTH [4] using a secure authentication method like
   CRAM-MD5 or DIGEST-MD5 may be sufficient. However, in some
   environments, it is impractical to use one of the secure methods,
   meaning that SMTP AUTH [4] would be transmitting the username and the
   password in clear text over insecure networks. This could allow
   attackers to listen for this traffic and steal account data. In these
   cases, using STARTTLS [5] to establish an encrypted channel for
   transmission of the SMTP AUTH [4] username and password would be
   preferred. Similarly, STARTTLS [5] with client side certificates
   could be used with the SMTP AUTH [4] EXTERNAL mechanism to achieve
   secure authentication.





























Hutzler, et al.        Expires September 6, 2005               [Page 8]


Internet-Draft             Email Port Access                  March 2005


6. Security Considerations

   Email transfer between independent administrations can be the source
   of large volumes of unwanted email and email containing malicious
   content designed to attack the recipient's system.  This document
   addresses the requirements to permit such exchanges while reducing
   the likelihood that malicious mail will be transmitted.












































Hutzler, et al.        Expires September 6, 2005               [Page 9]


Internet-Draft             Email Port Access                  March 2005


Appendix A. Acknowledgments

   These recommendations were first formulated during informal
   discussions among members of Anti-Spam Technical Alliance (ASTA)  and
   some participants from the Internet Research Task Force's Anti-Spam
   Research Group (ASRG).













































Hutzler, et al.        Expires September 6, 2005              [Page 10]


Internet-Draft             Email Port Access                  March 2005


Normative References

   [1]  Gellens, R. and J. Klensin, "Message Submission", RFC 2476,
        December 1998.

   [2]  Klensin, J., "Simple Mail Transfer Protocol", RFC 2821, April
        2001.












































Hutzler, et al.        Expires September 6, 2005              [Page 11]


Internet-Draft             Email Port Access                  March 2005


Informative References

   [3]  Bradner, S., "Key words for use in RFCs to Indicate Requirement
        Levels", BCP 14, RFC 2119, March 1997.

   [4]  Myers, J., "SMTP Service Extension for Authentication", RFC
        2554, March 1999.

   [5]  Hoffman, P., "SMTP Service Extension for Secure SMTP over
        Transport Layer Security", RFC 3207, February 2002.


Authors' Addresses

   Carl Hutzler
   America Online
   12100 Sunrise Valley Drive
   Reston, VA
   20191

   Phone: +1 703 265 5521
   EMail: cdhutzler@aol.com
   URI:


   Dave Crocker
   Brandenburg Internetworking
   675 Spruce Drive
   Sunnyvale, CA  94086
   US

   Phone: +1 408 246 8253
   EMail: dcrocker@brandenburg.com
   URI:   http://www.brandenburg.com/


   Peter W. Resnick
   QUALCOMM Incorporated
   5775 Morehouse Drive
   San Diego, CA  92121-1714
   US

   Phone: +1 858 651 4478
   EMail: presnick@qualcomm.com
   URI:   http://www.qualcomm.com/~presnick/






Hutzler, et al.        Expires September 6, 2005              [Page 12]


Internet-Draft             Email Port Access                  March 2005


   Robert Sanders
   Earthlink, Inc.
   1375 Peachtree Street
   Atlanta, GA  30309
   US

   Phone: +1 404 748 7021
   EMail: sandersr@corp.earthlink.net
   URI:   http://home.mindspring.com/~rsanders/


   Eric Allman
   Sendmail, Inc.
   6425 Christie Avenue, Suite 400
   Emeryville, CA  94608
   US

   Phone: +1 510 594 5501
   EMail: eric@sendmail.com
































Hutzler, et al.        Expires September 6, 2005              [Page 13]


Internet-Draft             Email Port Access                  March 2005


Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   intellectual property or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; neither does it represent that it
   has made any effort to identify any such rights. Information on the
   IETF's procedures with respect to rights in standards-track and
   standards-related documentation can be found in BCP-11. Copies of
   claims of rights made available for publication and any assurances of
   licenses to be made available, or the result of an attempt made to
   obtain a general license or permission for the use of such
   proprietary rights by implementors or users of this specification can
   be obtained from the IETF Secretariat.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights which may cover technology that may be required to practice
   this standard. Please address the information to the IETF Executive
   Director.


Full Copyright Statement

   Copyright (C) The Internet Society (2004). All Rights Reserved. This
document is
   subject to the rights, licenses and restrictions contained in BCP 78, and
   except as set forth therein, the authors retain all their rights."

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works. However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assignees.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION



Hutzler, et al.        Expires September 6, 2005              [Page 14]


Internet-Draft             Email Port Access                  March 2005


   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


Acknowledgment

   Funding for the RFC Editor function is currently provided by the
   Internet Society.











































Hutzler, et al.        Expires September 6, 2005              [Page 15]