North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ISP phishing

  • From: william(at)
  • Date: Wed Jun 29 09:35:26 2005

On Wed, 29 Jun 2005, Suresh Ramasubramanian wrote:

On 29/06/05, william(at) <[email protected]> wrote:
Another issue is that are doing the forwarding are the ones that
are most often least maintained as far as upgrading software and
enabling new SMTP features. As a result an idea that we will ask
all forwarders to change and identify themselves in forwarded mail
can not happen as quickly as path authentication proponents want.
Please name a few names on just who is not enabling "new smtp features"

And what "smtp features" you'd like enabled.  RFC 2822 / ESMTP hasnt
changed all that much, and then there's SES, which if you call an SMTP
feature, I'd beg to differ on that ..
DSN are not supported and that is important as far as forwarding goes.
8BITMIME and BINARYMIME are rarely supported.

Also don't confuse SES with SRS. SES is specification of crypt signatures
in RFC2821 MAILFROM and should not be added by forwarders.

As to who, I don't want to put names but many (I'd go as far as to say
majority, but we'd need statistical study) university forwarding servers
for alumni forwarding run smtp software 5+ years old (they don't really
need much more then just to look at aliases of forwarding db and send
email further - once setup this system works for long time). Many small companies with email forwarding setup forwarding setup for few old employers or for subdivisions they previously bought also have problems.

BTW - I happened to know person who has setup email forwarding for his
department in major university in st.louis on sparc2 12 years ago.
It is still working as far as I know! Last mail software update on it
I believe was made 5 or 6 years ago when open relaying was disabled.

William Leibzon
Elan Networks
[email protected]