rfc2476.txt

来自「RFC 的详细文档！」· 文本 代码 · 共 844 行 · 第 1/3 页

Network Working Group                                        R. Gellens
Request for Comments: 2476                                     QUALCOMM
Category: Standards Track                                    J. Klensin
                                                                    MCI
                                                          December 1998


                           Message Submission

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1998).  All Rights Reserved.

Table of Contents

    1.  Abstract . . . . . . . . . . . . . . . . . . . . . . . . . .  2
    2.  Document Information  . . . . . . . . . . . . . . . . . . .   3
      2.1.  Definitions of Terms Used in this Memo . . . . . . . . .  3
      2.2.  Conventions Used in this Document . . . . . . . . . . .   4
    3.  Message Submission . . . . . . . . . . . . . . . . . . . . .  4
      3.1.  Submission Identification . . . . . . . . . . . . . . .   4
      3.2.  Message Rejection and Bouncing . . . . . . . . . . . . .  4
      3.3.  Authorized Submission . . . . . . . . . . . . . . . . .   5
      3.4.  Enhanced Status Codes  . . . . . . . . . . . . . . . . .  6
    4.  Mandatory Actions . . . . . . . . . . . . . . . . . . . . .   6
      4.1.  General Submission Rejection Code  . . . . . . . . . . .  6
      4.2.  Ensure All Domains are Fully-Qualified  . . . . . . . .   6
    5.  Recommended Actions  . . . . . . . . . . . . . . . . . . . .  7
      5.1.  Enforce Address Syntax  . . . . . . . . . . . . . . . .   7
      5.2.  Log Errors . . . . . . . . . . . . . . . . . . . . . . .  7
    6.  Optional Actions  . . . . . . . . . . . . . . . . . . . . .   7
      6.1.  Enforce Submission Rights  . . . . . . . . . . . . . . .  7
      6.2.  Require Authentication  . . . . . . . . . . . . . . . .   8
      6.3.  Enforce Permissions  . . . . . . . . . . . . . . . . . .  8
      6.4.  Check Message Data  . . . . . . . . . . . . . . . . . .   8
    7.  Interaction with SMTP Extensions . . . . . . . . . . . . . .  8
    8.  Message Modifications . . . . . . . . . . . . . . . . . . .   9
      8.1.  Add 'Sender' . . . . . . . . . . . . . . . . . . . . . .  9
      8.2.  Add 'Date'  . . . . . . . . . . . . . . . . . . . . . .  10
      8.3.  Add 'Message-ID' . . . . . . . . . . . . . . . . . . . . 10



Gellens & Klensin           Standards Track                     [Page 1]

RFC 2476                   Message Submission              December 1998


      8.4.  Transfer Encode . . . . . . . . . . . . . . . . . . . .  10
      8.5.  Sign the Message . . . . . . . . . . . . . . . . . . . . 10
      8.6.  Encrypt the Message . . . . . . . . . . . . . . . . . .  10
      8.7.  Resolve Aliases  . . . . . . . . . . . . . . . . . . . . 10
      8.8.  Header Rewriting  . . . . . . . . . . . . . . . . . . .  10
    9.  Security Considerations  . . . . . . . . . . . . . . . . . . 11
   10.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . .  11
   11.  References . . . . . . . . . . . . . . . . . . . . . . . . . 12
   12.  Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 14
   13.  Full Copyright Statement  . . . . . . . . . . . . . . . . .  15

1.  Abstract

   SMTP was defined as a message *transfer* protocol, that is, a means
   to route (if needed) and deliver finished (complete) messages.
   Message Transfer Agents (MTAs) are not supposed to alter the message
   text, except to add 'Received', 'Return-Path', and other header
   fields as required by [SMTP-MTA].

   However, SMTP is now also widely used as a message *submission*
   protocol, that is, a means for message user agents (MUAs) to
   introduce new messages into the MTA routing network.  The process
   which accepts message submissions from MUAs is termed a Message
   Submission Agent (MSA).

   Messages being submitted are in some cases finished (complete)
   messages, and in other cases are unfinished (incomplete) in some
   aspect or other.  Unfinished messages need to be completed to ensure
   they conform to [MESSAGE-FORMAT], and later requirements.  For
   example, the message may lack a proper 'Date' header field, and
   domains might not be fully qualified.  In some cases, the MUA may be
   unable to generate finished messages (for example, it might not know
   its time zone).  Even when submitted messages are complete, local
   site policy may dictate that the message text be examined or modified
   in some way.  Such completions or modifications have been shown to
   cause harm when performed by downstream MTAs -- that is, MTAs after
   the first-hop submission MTA -- and are in general considered to be
   outside the province of standardized MTA functionality.

   Separating messages into submissions and transfers allows developers
   and network administrators to more easily:

   *   Implement security policies and guard against unauthorized mail
       relaying or injection of unsolicited bulk mail

   *   Implement authenticated submission, including off-site submission
       by authorized users such as travelers




Gellens & Klensin           Standards Track                     [Page 2]

RFC 2476                   Message Submission              December 1998


   *   Separate the relevant software code differences, thereby making
       each code base more straightforward and allowing for different
       programs for relay and submission

   *   Detect configuration problems with a site's mail clients

   *   Provide a basis for adding enhanced submission services in the
       future

   This memo describes a low cost, deterministic means for messages to
   be identified as submissions, and specifies what actions are to be
   taken by a submission server.

   Public comments should be sent to the IETF Submit mailing list,
   <ietf-submit@imc.org>.  To subscribe, send a message containing
   SUBSCRIBE to <ietf-submit-request@imc.org>.  Private comments may be
   sent to the authors.

2.  Document Information

2.1.  Definitions of Terms Used in this Memo

   Fully-Qualified

   Containing or consisting of a domain which can be globally resolved
   using the global Domain Name Service; that is, not a local alias or
   partial specification.

   Message Submission Agent (MSA)

   A process which conforms to this specification, which acts as a
   submission server to accept messages from MUAs, and either delivers
   them or acts as an SMTP client to relay them to an MTA.

   Message Transfer Agent (MTA)

   A process which conforms to [SMTP-MTA], which acts as an SMTP server
   to accept messages from an MSA or another MTA, and either delivers
   them or acts as an SMTP client to relay them to another MTA.

   Message User Agent (MUA)

   A process which acts (usually on behalf of a user) to compose and
   submit new messages, and process delivered messages.  In the split-
   MUA model, POP or IMAP is used to access delivered messages.






Gellens & Klensin           Standards Track                     [Page 3]

RFC 2476                   Message Submission              December 1998


2.2.  Conventions Used in this Document

   In examples, "C:" is used to indicate lines sent by the client, and
   "S:" indicates those sent by the server.  Line breaks within a
   command example are for editorial purposes only.

   Examples use the 'example.net' domain.

   The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
   in this document are to be interpreted as defined in [KEYWORDS].

3.  Message Submission

3.1.  Submission Identification

   Port 587 is reserved for email message submission as specified in
   this document.  Messages received on this port are defined to be
   submissions.  The protocol used is ESMTP [SMTP-MTA, ESMTP], with
   additional restrictions as specified here.

   While most email clients and servers can be configured to use port
   587 instead of 25, there are cases where this is not possible or
   convenient.  A site MAY choose to use port 25 for message submission,
   by designating some hosts to be MSAs and others to be MTAs.

3.2.  Message Rejection and Bouncing

   MTAs and MSAs MAY implement message rejection rules that rely in part
   on whether the message is a submission or a relay.

   For example, some sites might configure their MTA to reject all RCPT
   TOs for messages that do not reference local users, and configure
   their MSA to reject all message submissions that do not come from
   authorized users, based on IP address, or authenticated identity.

   NOTE:  It is better to reject a message than to risk sending one that
   is damaged.  This is especially true for problems that are
   correctable by the MUA, for example, an invalid 'From' field.

   If an MSA is not able to determine a return path to the submitting
   user, from a valid MAIL FROM, a valid source IP address, or based on
   authenticated identity, then the MSA SHOULD immediately reject the
   message.  A message can be immediately rejected by returning a 550
   code to the MAIL FROM command.







Gellens & Klensin           Standards Track                     [Page 4]

RFC 2476                   Message Submission              December 1998


   Note that a null return path, that is, MAIL FROM:<>, is permitted
   and MUST be accepted. (MUAs need to generate null return-path
   messages for a variety of reasons, including disposition
   notifications.)

   Except in the case where the MSA is unable to determine a valid
   return path for the message being submitted, text in this
   specification which instructs an MSA to issue a rejection code MAY be
   complied with by accepting the message and subsequently generating a
   bounce message. (That is, if the MSA is going to reject a message for
   any reason except being unable to determine a return path, it can
   optionally do an immediate rejection or accept the message and then
   mail a bounce.)

   NOTE:  In the normal case of message submission, immediately
   rejecting the message is preferred, as it gives the user and MUA
   direct feedback.  To properly handle delayed bounces the client MUA
   must maintain a queue of messages it has submitted, and match bounces
   to them.

3.3.  Authorized Submission

   Numerous methods have been used to ensure that only authorized users
   are able to submit messages.  These methods include authenticated
   SMTP, IP address restrictions, secure IP, and prior POP
   authentication.

   Authenticated SMTP [SMTP-AUTH] has been proposed.  It allows the MSA
   to determine an authorization identity for the message submission,
   which is not tied to other protocols.

   IP address restrictions are very widely implemented, but do not allow
   for travellers and similar situations, and can be spoofed.

   Secure IP [IPSEC] can also be used, and provides additional benefits
   of protection against eavesdropping and traffic analysis.

   Requiring a POP [POP3] authentication (from the same IP address)
   within some amount of time (for example, 20 minutes) prior to the
   start of a message submission session has also been used, but this
   does impose restrictions on clients as well as servers which may
   cause difficulties.  Specifically, the client must do a POP
   authentication before an SMTP submission session, and not all clients
   are capable and configured for this.  Also, the MSA must coordinate
   with the POP server, which may be difficult.  There is also a window
   during which an unauthorized user can submit messages and appear to
   be a prior authorized user.




Gellens & Klensin           Standards Track                     [Page 5]