Deployment Considerations for Lemonade-Compliant Mobile Email
RFC 5383
| Field | Value |
|---|---|
| Type | RFC - Best Current Practice (October 2008; No errata); also known as BCP 143 |
| Author | Randall Gellens |
| Last updated | 2015-10-14 |
| Stream | IETF |
| WG state | (None) |
| Document shepherd | No shepherd assigned |
| IESG state | RFC 5383 (Best Current Practice) |
| Consensus Boilerplate | Unknown |
| Telechat date | |
| Responsible AD | Chris Newman |
| Send notices to | (None) |

Network Working Group
R. Gellens, Qualcomm
Request for Comments: 5383
BCP: 143
Category: Best Current Practice
October 2008

Deployment Considerations for Lemonade-Compliant Mobile Email

Status of This Memo

This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Distribution of this memo is unlimited.

Abstract

This document discusses deployment issues and describes requirements for successful deployment of mobile email that are implicit in the IETF lemonade documents.

Table of Contents

   1. Introduction
   2. Conventions Used in This Document
   3. Ports
   4. TCP Connections
      4.1. Lifetime
      4.2. Maintenance during Temporary Transport Loss
   5. Dormancy
   6. Firewalls
      6.1. Firewall Traversal
   7. NATs
   8. Security Considerations
   9. Acknowledgments
   10. Normative References
   11. Informative References

1. Introduction

The IETF lemonade group has developed a set of extensions to IMAP and Message Submission, along with a profile document that restricts server behavior and describes client usage [PROFILE].

Successful deployment of lemonade-compliant mobile email requires various functionality that is generally assumed and hence not often covered in email RFCs. This document describes some of these additional considerations, with a focus on those that have been reported to be problematic.

2. Conventions Used in This Document

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [KEYWORDS].

3. Ports

Both IMAP and Message Submission have been assigned well-known ports [IANA] that MUST be available. IMAP uses port 143. Message Submission uses port 587. It is REQUIRED that the client be able to contact the server on these ports. Hence, the client and server systems, as well as any intermediary systems, MUST allow communication on these ports.

Historically, Message User Agents (MUAs) have used port 25 for Message Submission, and [SUBMISSION] does accommodate this. However, it has become increasingly common for ISPs and organizations to restrict outbound port 25. Additionally, hotels and other public accommodations sometimes intercept port 25 connections, regardless of the destination host, resulting in users unexpectedly submitting potentially sensitive communications to unknown and untrusted third-party servers. Typically, users are not aware of such interception. (Such interception violates [FIREWALLS] and has many negative consequences.)

Due to endemic security vulnerabilities in widely deployed SMTP servers, organizations often employ application-level firewalls that intercept SMTP and permit only a limited subset of the protocol. New extensions are therefore more difficult to deploy on port 25. Since lemonade requires support for several [SUBMISSION] extensions, it is extremely important that lemonade clients use, and lemonade servers listen on, port 587 by default.

In addition to communications between the client and server systems, lemonade requires that the Message Submission server be able to establish a TCP connection to the IMAP server (for forward-without-download). This uses port 143 by default.

Messaging clients sometimes use protocols to store, retrieve, and update configuration and preference data. Functionality such as setting a new device to use the configuration and preference data of another device, or having a device inherit default configuration data from a user account, an organization, or other source, is likely to be even more useful with small mobile devices. Various protocols can
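
The port requirements of Section 3 can be checked against a filtering policy before deployment. The following is an added example, not part of RFC 5383: it audits an ordered, first-match, default-deny rule list for the three flows the section requires (client to IMAP on 143, client to Message Submission on 587, and Message Submission server to IMAP on 143 for forward-without-download). The rule format, the policies, and the addresses (documentation ranges) are constructed assumptions.

```python
import ipaddress

def evaluate(rules, src, dst, port):
    """Verdict for one TCP flow: first matching rule wins, default deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (s in ipaddress.ip_network(r["src"])
                and d in ipaddress.ip_network(r["dst"])
                and r["port"] == port):
            return r["action"]
    return "deny"

def audit(rules, client, imap, submit):
    """Return the flows Section 3 requires that this policy does not allow."""
    required = [
        ("client -> IMAP/143", client, imap, 143),
        ("client -> Submission/587", client, submit, 587),
        # Forward-without-download: the Submission server connects to IMAP.
        ("Submission -> IMAP/143", submit, imap, 143),
    ]
    return [name for name, s, d, p in required
            if evaluate(rules, s, d, p) != "allow"]

# Constructed sample data (documentation address ranges, hypothetical policy).
CLIENT, IMAP, SUBMIT = "198.51.100.7", "192.0.2.10", "192.0.2.20"
NET = "198.51.100.0/24"

# Legacy-style policy: submission only on port 25, no server-to-server rule.
LEGACY = [
    {"action": "allow", "src": NET, "dst": "192.0.2.10/32", "port": 143},
    {"action": "allow", "src": NET, "dst": "192.0.2.20/32", "port": 25},
]

# Corrected policy: 587 for submission, plus Submission -> IMAP on 143.
CORRECTED = [
    {"action": "allow", "src": NET, "dst": "192.0.2.10/32", "port": 143},
    {"action": "allow", "src": NET, "dst": "192.0.2.20/32", "port": 587},
    {"action": "allow", "src": "192.0.2.20/32", "dst": "192.0.2.10/32", "port": 143},
]

if __name__ == "__main__":
    for label, policy in (("legacy", LEGACY), ("corrected", CORRECTED)):
        print(label, "blocked:", audit(policy, CLIENT, IMAP, SUBMIT))
```

The same audit has to pass on every intermediary system in the path, since the section requires those to allow the ports as well.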