IETF SMTP Working Group Proposal at smtpng.org

william at elan.net william at elan.net
Wed Aug 21 01:52:40 UTC 2002


SMTP AUTH is certainly part of the solution but I think this is largely 
for user->server communication and not as much for server<->server.

If spam is security problem or not maybe a point of view, what spammers 
are trying to do certainly often involves security measures. 

But in reality I'm just looking for increased security in email 
communication alowing for users and servers to decided the kind of trust 
relationship they want to have for that particular communication with 
choices between several methods and ability to negotiate what would be 
used (like during PPP, it is negotiated what type of transmission it 
would be, although analogy is really very remote). In my option, currently 
use of email is reducing due to amount of unwanted email and due to the
way protocol is setup that may not allow user to fully rely on it and to 
be absolutly certain it was not intercepted, it was delivered to correct 
recepient, etc. I think we can work to make protocol and the tools needed 
for user to be certain email is received, that extra unwanted email is 
likely be thrown out (or at least marked as less secure) and this will 
lead to wider use of email and to allow for email to replace some of the 
things conventional mail is still used for.

On Tue, 20 Aug 2002, Dean Anderson wrote:

> What would you do that SMTP AUTH didn't?
> 
> How would your proposal solve the issues that plagued SMTP AUTH?
> 
> What makes you think that spam is a security problem?
> 
> 		--Dean
> 
> On Tue, 20 Aug 2002 william at elan.net wrote:
> 
> >
> > This is copy of the message sent to IETF mail list. As subject said,
> > I'd like to organize IETF working group to define new additions to SMTP.
> >
> > ----------------
> > As everyone I'm sure have seen on the last "why is spam a problem" and
> > other similar threads on ietf as well as numerous similar threads on
> > other lists and boards, there is a serious need to do something to limit
> > amount of unsolicited email. While the roots maybe social issue I do not
> > see why we can not work on it from technical point of view. In addition
> > to that during last years, I'v seen real need for new features to be
> > added into SMTP, such as ones for callback, delayed transmission, delivery
> > notification,secure communications, etc, etc and there are in fact
> > several drafts available on some issues. As far as anti-spam  mechanisms I
> > do not belive we should force some particular method on everyone but
> > rather built several verification features into protocol and allow server
> > operators to themselve choose if they want to use it. Where the features
> > were use the email would be considered more secure and users can use that
> > to sort out mail (as many do already with special filters).
> >
> > I believe its time we start working within IETF on new version of SMTP
> > that would have more features and be more secure. I'v tried to point this
> > out several times before on nanog and ietf hoping that someone would take
> > the initiave but as this did not happen, I'm willing to do it now. At this
> > point I'm proposing creation of IETF working group that would look into
> > ways to extend SMTP. I'v created website and mailing list to discuss
> > charter of the proposed working group at http://www.smtpng.org
> >
> > Those who agree with me, please subscribe to the mailing list and lets
> > work on this futher in a kind-of BOF. I'm also looking for two co-chairs
> > for the working group with at least one preferablly having been chair of
> > ietf group before. I'm planning on sending final draft for working group
> > charter in about two weeks time and right now I'm going to be contacting
> > several people who have expressed interest in working on SMTP protocol as
> > well as contacting IETF area director on proceeding with this.
> >
> > --
> > William Leibzon
> > william at elan.net
> >
> >
> >
> >




More information about the NANOG mailing list