datatracker.ietf.org
Sign in
Version 5.3.0, 2014-04-12
Report a bug

Deployment Considerations for Lemonade-Compliant Mobile Email
RFC 5383

Document type: RFC - Best Current Practice (October 2008)
Also Known As BCP 143
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 5383 (Best Current Practice)
Responsible AD: Chris Newman
Send notices to: lemonade-chairs@tools.ietf.org

Network Working Group                                         R. Gellens
Request for Comments: 5383                                      Qualcomm
BCP: 143                                                    October 2008
Category: Best Current Practice

     Deployment Considerations for Lemonade-Compliant Mobile Email

Status of This Memo

   This document specifies an Internet Best Current Practices for the
   Internet Community, and requests discussion and suggestions for
   improvements.  Distribution of this memo is unlimited.

Abstract

   This document discusses deployment issues and describes requirements
   for successful deployment of mobile email that are implicit in the
   IETF lemonade documents.

Table of Contents

   1. Introduction ....................................................2
   2. Conventions Used in This Document ...............................2
   3. Ports ...........................................................2
   4. TCP Connections .................................................3
      4.1. Lifetime ...................................................4
      4.2. Maintenance during Temporary Transport Loss ................5
   5. Dormancy ........................................................6
   6. Firewalls .......................................................6
      6.1. Firewall Traversal .........................................7
   7. NATs ............................................................8
   8. Security Considerations .........................................8
   9. Acknowledgments ................................................10
   10. Normative References ..........................................10
   11. Informative References ........................................10

Gellens                  Best Current Practice                  [Page 1]
RFC 5383           Lemonade Deployment Considerations       October 2008

1.  Introduction

   The IETF lemonade group has developed a set of extensions to IMAP and
   Message Submission, along with a profile document that restricts
   server behavior and describes client usage [PROFILE].

   Successful deployment of lemonade-compliant mobile email requires
   various functionality that is generally assumed and hence not often
   covered in email RFCs.  This document describes some of these
   additional considerations, with a focus on those that have been
   reported to be problematic.

2.  Conventions Used in This Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [KEYWORDS].

3.  Ports

   Both IMAP and Message Submission have been assigned well-known ports
   [IANA] that MUST be available.  IMAP uses port 143.  Message
   Submission uses port 587.  It is REQUIRED that the client be able to
   contact the server on these ports.  Hence, the client and server
   systems, as well as any intermediary systems, MUST allow
   communication on these ports.

   Historically, Message User Agents (MUAs) have used port 25 for
   Message Submission, and [SUBMISSION] does accommodate this.  However,
   it has become increasingly common for ISPs and organizations to
   restrict outbound port 25.  Additionally, hotels and other public
   accommodations sometimes intercept port 25 connections, regardless of
   the destination host, resulting in users unexpectedly submitting
   potentially sensitive communications to unknown and untrusted third-
   party servers.  Typically, users are not aware of such interception.
   (Such interception violates [FIREWALLS] and has many negative
   consequences.)

   Due to endemic security vulnerabilities in widely deployed SMTP
   servers, organizations often employ application-level firewalls that
   intercept SMTP and permit only a limited subset of the protocol.  New
   extensions are therefore more difficult to deploy on port 25.  Since
   lemonade requires support for several [SUBMISSION] extensions, it is
   extremely important that lemonade clients use, and lemonade servers
   listen on, port 587 by default.

Gellens                  Best Current Practice                  [Page 2]
RFC 5383           Lemonade Deployment Considerations       October 2008

   In addition to communications between the client and server systems,
   lemonade requires that the Message Submission server be able to
   establish a TCP connection to the IMAP server (for forward-without-
   download).  This uses port 143 by default.

   Messaging clients sometimes use protocols to store, retrieve, and
   update configuration and preference data.  Functionality such as

[include full document text]