Advice for Safe Handling of Malformed Messages
draft-ietf-appsawg-malformed-mail-11
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2014-01-13
|
11 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2014-01-03
|
11 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2013-12-19
|
11 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2013-11-30
|
11 | David Black | Request for Telechat review by GENART Completed: Ready. Reviewer: David Black. |
2013-11-26
|
11 | Cindy Morgan | State changed to RFC Ed Queue from Approved-announcement sent |
2013-11-26
|
11 | (System) | RFC Editor state changed to EDIT |
2013-11-26
|
11 | (System) | Announcement was received by RFC Editor |
2013-11-26
|
11 | (System) | IANA Action state changed to No IC |
2013-11-25
|
11 | Barry Leiba | Notification list changed to : appsawg-chairs@tools.ietf.org, draft-ietf-appsawg-malformed-mail@tools.ietf.org, sm+ietf@elandsys.com |
2013-11-25
|
11 | Cindy Morgan | State changed to Approved-announcement sent from Approved-announcement to be sent |
2013-11-25
|
11 | Cindy Morgan | IESG has approved the document |
2013-11-25
|
11 | Cindy Morgan | Closed "Approve" ballot |
2013-11-25
|
11 | Cindy Morgan | Ballot approval text was generated |
2013-11-25
|
11 | Barry Leiba | State changed to Approved-announcement to be sent from Approved-announcement to be sent::Point Raised - writeup needed |
2013-11-22
|
11 | Murray Kucherawy | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2013-11-22
|
11 | Murray Kucherawy | New version available: draft-ietf-appsawg-malformed-mail-11.txt |
2013-11-21
|
10 | Cindy Morgan | State changed to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation |
2013-11-21
|
10 | Gonzalo Camarillo | [Ballot Position Update] New position, No Objection, has been recorded for Gonzalo Camarillo |
2013-11-21
|
10 | Ted Lemon | [Ballot Position Update] New position, No Objection, has been recorded for Ted Lemon |
2013-11-21
|
10 | Spencer Dawkins | [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins |
2013-11-21
|
10 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2013-11-21
|
10 | Stephen Farrell | [Ballot comment] Thanks for a useful document. I would have loved to have seen text about S/MIME and PGP issues, but I guess that might … [Ballot comment] Thanks for a useful document. I would have loved to have seen text about S/MIME and PGP issues, but I guess that might require another equally long document all by itself. It might well be worth looking though to see if there's a reference to which you could point that has relevant guidance about those. Separately, it might also be worth pointing out that some of the handling guidance you give if applied to some S/MIME or PGP messages is likely to break signatures or make decryption impossible. But those are just suggestions to take or leave, this is already useful enough as-is. |
2013-11-21
|
10 | Stephen Farrell | [Ballot Position Update] New position, Yes, has been recorded for Stephen Farrell |
2013-11-21
|
10 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2013-11-20
|
10 | Gunter Van de Velde | Request for Telechat review by OPSDIR Completed. Reviewer: Lionel Morand. |
2013-11-20
|
10 | Gunter Van de Velde | Request for Telechat review by OPSDIR is assigned to Lionel Morand |
2013-11-20
|
10 | Gunter Van de Velde | Request for Telechat review by OPSDIR is assigned to Lionel Morand |
2013-11-20
|
10 | Sean Turner | [Ballot comment] I quickly skimmed this draft and it looks fine to me. I'm balloting no objection, but I'm sure it would have been a … [Ballot comment] I quickly skimmed this draft and it looks fine to me. I'm balloting no objection, but I'm sure it would have been a YES had I had more time to review it - my fault mind you. |
2013-11-20
|
10 | Sean Turner | Ballot comment text updated for Sean Turner |
2013-11-20
|
10 | Sean Turner | [Ballot comment] I quickly skimmed this draft and I'm balloting no objection (I'm sure it would have been a YES had I had more time … [Ballot comment] I quickly skimmed this draft and I'm balloting no objection (I'm sure it would have been a YES had I had more time to review it - my fault mind you). |
2013-11-20
|
10 | Sean Turner | [Ballot Position Update] New position, No Objection, has been recorded for Sean Turner |
2013-11-20
|
10 | Pete Resnick | [Ballot comment] Nothing that would stop me from endorsing this document going forward, but please do take the following into consideration: 1.1 - The 5th … [Ballot comment] Nothing that would stop me from endorsing this document going forward, but please do take the following into consideration: 1.1 - The 5th paragraph seems redundant with previous paragraphs in this section. The last paragraph seems redundant with section 1.2. Suggest striking. 4 - It seems worth pointing out somewhere in this section that the prepending of Received fields is the safest thing to do if changes must be made to the message to pass information between modules. 7.1 - "A message using an obsolete header syntax" You might consider adding a direct reference to 5322 section 4 to define what's meant by "obsolete". 7.1.6 - Why is the second example not obviously better? I have a hard time imagining circumstances where an unterminated quoted-string that contains an angle-bracketed thing that looks like an addr-spec is in fact a local part. 7.4 - "acceptance grammar" is a weird construction, not used in 5322. Suggest "obsolete syntax" (with the reference to section 4) instead. 7.5 - Third paragraph: Reference to DKIM would be useful. Fourth paragraph: I find the word "enacted" a bit weird. I suggest changing "can be enacted" to "can be used" or "strategies can be used" What's the difference between 3 & 4? Or maybe I don't know what "compound instance" means in 3. 7.5.3 - What's the harm in more than one Return-Path? Only one of interest is the top-most. --- Finally, a gedankenexperiment, or maybe fodder for a real experiment: What would happen if, upon receiving a malformed message that was determined to not be otherwise malicious, a receiving SMTP system both returned a 5xx to the message *and* processed and delivered the message (i.e., give the receiver what they want, but push back on folks who generate crap)? Would it help? (I am not asking for a discussion of this in the document. Just an interesting thought.) |
2013-11-20
|
10 | Pete Resnick | [Ballot Position Update] New position, Yes, has been recorded for Pete Resnick |
2013-11-20
|
10 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded for Stewart Bryant |
2013-11-20
|
10 | Brian Haberman | [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman |
2013-11-19
|
10 | Richard Barnes | [Ballot Position Update] New position, No Objection, has been recorded for Richard Barnes |
2013-11-19
|
10 | Joel Jaeggli | [Ballot comment] 10 appears to have addressed many of the ops reviewers concerns. Thanks! |
2013-11-19
|
10 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2013-11-18
|
10 | Martin Stiemerling | [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling |
2013-11-14
|
10 | Jean Mahoney | Request for Telechat review by GENART is assigned to David Black |
2013-11-14
|
10 | Jean Mahoney | Request for Telechat review by GENART is assigned to David Black |
2013-11-08
|
10 | (System) | IANA Review state changed to IANA OK - No Actions Needed from Version Changed - Review Needed |
2013-11-07
|
10 | Barry Leiba | Notification list changed to : appsawg-chairs@tools.ietf.org, draft-ietf-appsawg-malformed-mail@tools.ietf.org, sm+ietf@elandsys.com, apps-discuss@ietf.org |
2013-11-07
|
10 | Barry Leiba | Ballot has been issued |
2013-11-07
|
10 | Barry Leiba | [Ballot Position Update] New position, Yes, has been recorded for Barry Leiba |
2013-11-07
|
10 | Barry Leiba | Created "Approve" ballot |
2013-11-07
|
10 | Barry Leiba | Ballot writeup was changed |
2013-11-07
|
10 | Barry Leiba | State changed to IESG Evaluation from Waiting for AD Go-Ahead |
2013-11-06
|
10 | Murray Kucherawy | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2013-11-06
|
10 | Murray Kucherawy | New version available: draft-ietf-appsawg-malformed-mail-10.txt |
2013-11-04
|
09 | David Black | Request for Last Call review by GENART Completed: Ready with Nits. Reviewer: David Black. |
2013-10-31
|
09 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Ready. Reviewer: Scott Kelly. |
2013-10-29
|
09 | (System) | State changed to Waiting for AD Go-Ahead from In Last Call (ends 2013-10-29) |
2013-10-24
|
09 | (System) | IANA Review state changed to IANA OK - No Actions Needed from IANA - Review Needed |
2013-10-24
|
09 | Pearl Liang | IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-appsawg-malformed-mail-09, which is currently in Last Call, and has the following comments: We understand that, upon approval of this … IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-appsawg-malformed-mail-09, which is currently in Last Call, and has the following comments: We understand that, upon approval of this document, there are no IANA Actions that need completion. IANA requests that the IANA Considerations section of the document remain in place upon publication. If this assessment is not accurate, please respond as soon as possible. |
2013-10-17
|
09 | Jean Mahoney | Request for Last Call review by GENART is assigned to David Black |
2013-10-17
|
09 | Jean Mahoney | Request for Last Call review by GENART is assigned to David Black |
2013-10-17
|
09 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Scott Kelly |
2013-10-17
|
09 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Scott Kelly |
2013-10-15
|
09 | Cindy Morgan | IANA Review state changed to IANA - Review Needed |
2013-10-15
|
09 | Cindy Morgan | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Advice for Safe Handling of … The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Advice for Safe Handling of Malformed Messages) to Informational RFC The IESG has received a request from the Applications Area Working Group WG (appsawg) to consider the following document: - 'Advice for Safe Handling of Malformed Messages' as Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2013-10-29. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract Although Internet mail formats have been precisely defined since the 1970s, authoring and handling software often show only mild conformance to the specifications. The malformed messages that result are non-standard. Nonetheless, decades of experience has shown that handling with some tolerance the malformations that result is often an acceptable approach, and is better than rejecting the messages outright as nonconformant. This document includes a collection of the best advice available regarding a variety of common malformed mail situations, to be used as implementation guidance. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-appsawg-malformed-mail/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-appsawg-malformed-mail/ballot/ No IPR declarations have been submitted directly on this I-D. |
2013-10-15
|
09 | Cindy Morgan | State changed to In Last Call from Last Call Requested |
2013-10-15
|
09 | Barry Leiba | Placed on agenda for telechat - 2013-11-21 |
2013-10-15
|
09 | Barry Leiba | Last call was requested |
2013-10-15
|
09 | Barry Leiba | Last call announcement was generated |
2013-10-15
|
09 | Barry Leiba | Ballot approval text was generated |
2013-10-15
|
09 | Barry Leiba | State changed to Last Call Requested from AD Evaluation::AD Followup |
2013-10-07
|
09 | Murray Kucherawy | Changed consensus to Yes from No |
2013-10-05
|
09 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2013-10-05
|
09 | Murray Kucherawy | New version available: draft-ietf-appsawg-malformed-mail-09.txt |
2013-09-28
|
08 | S Moonesamy | Changed document writeup |
2013-09-20
|
08 | Barry Leiba | Lots of mostly editorial comments. |
2013-09-20
|
08 | Barry Leiba | State changed to AD Evaluation::Revised I-D Needed from AD Evaluation |
2013-09-20
|
08 | Barry Leiba | Notification list changed to : appsawg-chairs@tools.ietf.org, draft-ietf-appsawg-malformed-mail@tools.ietf.org, sm+ietf@elandsys.com |
2013-09-20
|
08 | Barry Leiba | State changed to AD Evaluation from Publication Requested |
2013-09-20
|
08 | Barry Leiba | Changed consensus to No from Yes |
2013-09-20
|
08 | Barry Leiba | Ballot writeup was changed |
2013-09-20
|
08 | Barry Leiba | Ballot writeup was generated |
2013-09-20
|
08 | Barry Leiba | Changed document writeup |
2013-09-19
|
08 | Amy Vezza | State changed to Publication Requested from I-D Exists (IESG: Dead) |
2013-09-18
|
08 | Murray Kucherawy | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2013-09-18
|
08 | Murray Kucherawy | Annotation tag Doc Shepherd Follow-up Underway cleared. |
2013-09-18
|
08 | Murray Kucherawy | Changed document writeup |
2013-09-18
|
08 | S Moonesamy | Changed document writeup |
2013-09-17
|
08 | Murray Kucherawy | Intended Status changed to Informational from Best Current Practice |
2013-09-17
|
08 | Murray Kucherawy | Changed consensus to Yes from Unknown |
2013-09-17
|
08 | Murray Kucherawy | New version available: draft-ietf-appsawg-malformed-mail-08.txt |
2013-08-18
|
07 | Murray Kucherawy | IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call |
2013-08-18
|
07 | Murray Kucherawy | Annotation tag Doc Shepherd Follow-up Underway set. |
2013-08-02
|
07 | Murray Kucherawy | Document shepherd changed to S Moonesamy |
2013-07-29
|
07 | Salvatore Loreto | IETF WG state changed to In WG Last Call from WG Document |
2013-07-13
|
07 | Murray Kucherawy | New version available: draft-ietf-appsawg-malformed-mail-07.txt |
2013-06-18
|
06 | Murray Kucherawy | New version available: draft-ietf-appsawg-malformed-mail-06.txt |
2013-05-28
|
05 | Murray Kucherawy | New version available: draft-ietf-appsawg-malformed-mail-05.txt |
2013-05-17
|
04 | Murray Kucherawy | IETF WG state changed to WG Document from Parked WG Document |
2013-05-17
|
04 | Murray Kucherawy | New version available: draft-ietf-appsawg-malformed-mail-04.txt |
2013-04-12
|
03 | (System) | Document has expired |
2013-04-12
|
03 | (System) | State changed to Dead from AD is watching |
2013-04-09
|
03 | Murray Kucherawy | IETF WG state changed to Parked WG Document from WG Document |
2012-10-09
|
03 | Murray Kucherawy | No recent interest. Parking. |
2012-10-09
|
03 | Murray Kucherawy | New version available: draft-ietf-appsawg-malformed-mail-03.txt |
2012-06-27
|
02 | Alexey Melnikov | Changed shepherd to Salvatore Loreto |
2012-05-19
|
02 | Murray Kucherawy | New version available: draft-ietf-appsawg-malformed-mail-02.txt |
2012-04-04
|
01 | Murray Kucherawy | Changed shepherd to Alexey Melnikov |
2012-04-04
|
01 | Murray Kucherawy | Unassigned shepherd |
2012-03-30
|
01 | Barry Leiba | Responsible AD changed to Barry Leiba from Pete Resnick |
2012-02-29
|
01 | Murray Kucherawy | New version available: draft-ietf-appsawg-malformed-mail-01.txt |
2012-01-27
|
00 | (System) | Document has expired |
2012-01-27
|
00 | (System) | State changed to Dead from AD is watching. |
2011-08-12
|
00 | Pete Resnick | Draft added in state AD is watching |
2011-07-26
|
00 | (System) | New version available: draft-ietf-appsawg-malformed-mail-00.txt |