IETF SMTP Working Group Proposal at smtpng.org

batz batsy at vapour.net
Wed Aug 21 16:25:31 UTC 2002


On Wed, 21 Aug 2002, Avleen Vig wrote:

:I have a feeling I understand what you're trying to accomplish, but maybe
:we should work at this from another angle - what are the more basic
:problems oyu're trying to fix? Spam? Lack of encryption? Remote relaying?
:Understand that they are NOT the same problem and should be handled
:seperately. You can't say spam is a 'security' problem - it's a social
:problem.

Spam is very much a security problem. 

Spam would not exist if both MUA's and MTA's had adequate policy 
enforcement features on them, so that users could set granular 
controls on what was allowed into their mailboxes. 

Policy enforcement is explicitly a security function, and spam can 
even be defined as any message that relies on this lack of policy 
enforcement tools for it to be delivered.  

It is not a social problem, or even a matter of personal taste if
it leverages the inability of the user to enforce a policy on 
what enters their mail servers. 

TMDA (Tagged Message Delivery Agent) is an excellent example of 
how policy can be set on MTA's and MUA's. It's rough ( tmda.net)
but IMHO, it offers a glimpse at what the future of mail delivery is
going to look like. 

Any attempt to circumvent the policy becomes (by definition) a 
network policy violation, and unauthorized access, and there
are social and legal tools to deal with unauthorized access. 

I can see why this group is looking at adding features to SMTP, 
as everyone understands that it is limited, and those limitations
have become an expensive liability. 

Meaningful Secrity/policy enforcement options would be a welcome 
addition  to both MUA/MTA software, or maybe even the protocol itself. 

Cheers,  


--
batz




More information about the NANOG mailing list