idnits 2.17.1 

draft-hathcock-minger-03.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** It looks like you're using RFC 3978 boilerplate.  You should update this
     to the boilerplate described in the IETF Trust License Policy document
     (see https://trustee.ietf.org/license-info), which is required now.

  -- Found old boilerplate from RFC 3978, Section 5.1 on line 14.

  -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on
     line 314.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 325.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 332.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 338.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  == The page length should not exceed 58 lines per page, but there was 1
     longer page, the longest (page 2) being 108 lines

  == It seems as if not all pages are separated by form feeds - found 0 form
     feeds but 9 pages


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There are 3 instances of too long lines in the document, the longest one
     being 1 character in excess of 72.


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust Copyright Line does not match the
     current year

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (April 1, 2008) is 5868 days in the past.  Is this
     intentional?


  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  -- Obsolete informational reference (is this intentional?): RFC 1734
     (Obsoleted by RFC 5034)

  -- Obsolete informational reference (is this intentional?): RFC 2821
     (Obsoleted by RFC 5321)

  -- Obsolete informational reference (is this intentional?): RFC 4234
     (Obsoleted by RFC 5234)


     Summary: 2 errors (**), 0 flaws (~~), 3 warnings (==), 10 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

1	Network Working Group                                        A. Hathcock
2	Internet-Draft                                                 J. Merkel
3	Intended Status: Informational                        Alt-N Technologies
4	Expires: October 1, 2007                                   April 1, 2008

6	              The Minger Email Address Verification Protocol
7	                       draft-hathcock-minger-03.txt

9	Status of this Memo

11	   By submitting this Internet-Draft, each author represents that any
12	   applicable patent or other IPR claims of which he or she is aware
13	   have been or will be disclosed, and any of which he or she becomes
14	   aware will be disclosed, in accordance with Section 6 of BCP 79.

16	   Internet-Drafts are working documents of the Internet Engineering
17	   Task Force (IETF), its areas, and its working groups.  Note that
18	   other groups may also distribute working documents as Internet-
19	   Drafts.

21	   Internet-Drafts are draft documents valid for a maximum of six months
22	   and may be updated, replaced, or obsoleted by other documents at any
23	   time.  It is inappropriate to use Internet-Drafts as reference
24	   material or to cite them other than as "work in progress."

26	   The list of current Internet-Drafts can be accessed at
27	   http://www.ietf.org/ietf/1id-abstracts.txt.

29	   The list of Internet-Draft Shadow Directories can be accessed at
30	   http://www.ietf.org/shadow.html.

32	   This Internet-Draft will expire on September 6, 2007.

34	Copyright Notice

36	   Copyright (C) The IETF Trust (2007).

38	Abstract

40	   This document describes the Minger protocol.  Minger is a protocol
41	   which allows a mail handling entity to query a remote service and
42	   ask the question "do you accept mail for this email address?" It
43	   includes security in the form of a hashed shared secret but can also
44	   be used anonymously if desired.

46	Requirements Language

48	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
49	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
50	   document are to be interpreted as described in [RFC2119].

52	Table of Contents

54	   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . .  3
55	     1.1.  The problem  . . . . . . . . . . . . . . . . . . . . . .  3
56	     1.2.  Existing solutions . . . . . . . . . . . . . . . . . . .  3
57	     1.3.  The Minger solution  . . . . . . . . . . . . . . . . . .  4
58	   2.  The Minger protocol  . . . . . . . . . . . . . . . . . . . .  4
59	     2.1  The Minger query process  . . . . . . . . . . . . . . . .  4
60	     2.2  Description of query elements . . . . . . . . . . . . . .  5
61	   3.  Minger responses . . . . . . . . . . . . . . . . . . . . . .  5
62	     3.1  Description of response elements  . . . . . . . . . . . .  5
63	     3.2  Example responses . . . . . . . . . . . . . . . . . . . .  6
64	   4.  Anonymous mode . . . . . . . . . . . . . . . . . . . . . . .  6
65	   5.  Security Considerations  . . . . . . . . . . . . . . . . . .  7
66	   6.  IANA Considerations  . . . . . . . . . . . . . . . . . . . .  7
67	   7.  Informative References . . . . . . . . . . . . . . . . . . .  7
68	   Appendix A.  Acknowledgements  . . . . . . . . . . . . . . . . .  8
69	   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . .  8
70	   Intellectual Property and Copyright Statements . . . . . . . . .  9

72	1. Introduction

74	1.1 The problem

76	   It is common for elements within a typical email handling topology
77	   to be unaware of whether individual local-parts are valid for the
78	   mail it accepts.  For example, so-called "edge" servers which provide
79	   security oriented services for downstream mail handling elements
80	   often do not have an exhaustive listing of all valid local-parts for
81	   a given domain.  Thus, they are sometimes forced to accept and process
82	   messages which might otherwise be rejected as "user unknown".
83	   Similarly, entities offering "backup MX" mail services are rarely
84	   privy to a complete local-part listing and are therefore forced to
85	   accept messages which might otherwise be rejected.  Finally, even
86	   within a common administrative framework of several locally maintained
87	   and controlled SMTP servers in a load balanced configuration, it is
88	   not always possible for all servers to access a common local-part
89	   database.

91	1.2 Existing solutions

93	   The need to determine whether an email address contains a valid local
94	   part has lead to the use of at least two existing mechanisms - Finger
95	   [RFC1288] and SMTP "call-back" / "call-forward".

97	   Finger [RFC1288] describes a protocol for the exchange of user
98	   information.  In theory, Finger could be used to determine whether an
99	   account exists by careful examination of the results of a Finger
100	   query.  However, Finger suffers from a lack of security which makes
101	   its modern day use problematic when coupled with the user level
102	   detail it can provide.  Also, Finger requires the use of TCP rather
103	   than UDP which seems ill suited to a simple verification scheme.

105	   SMTP "call-back" and "call-forward" are terms describing a widespread
106	   practice whereby SMTP servers place an incoming SMTP session on hold
107	   while they attempt to use an outbound SMTP session to determine
108	   whether or not a given email address is valid.  The theory behind this
109	   is as follows:  if an SMTP server responds positively to an SMTP RCPT
110	   or MAIL command [RFC2821] with a given email address then this
111	   potentially means that the address local part is valid.  One problem
112	   with such a scheme is the lack of efficiency inherent in the need to
113	   tear-up and tear-down an SMTP session over TCP.  Also, because these
114	   types of SMTP sessions are not purposed to deliver mail, they
115	   typically drop connection after the RCPT command is processed.  This
116	   leads to a large number of SMTP sessions which appear in logs to have
117	   simply failed for no reason.  This leads to situations in which SMTP
118	   transaction logs can no longer distinguish legitimate network errors
119	   from "call-back"/"call-forward" traffic.

121	   SMTP includes a VRFY command which can be used to determine whether
122	   an email address exits.  VRFY is not in wide-spread use and suffers
123	   from the same inefficiency concerns described in the discussion on
124	   SMTP "call-back".  Additionally, a particular SMTP agent serving a
125	   domain that has several is not necessarily authoritative making a
126	   VRFY request to it potentially unreliable.

128	1.3 The Minger solution

130	   What's needed is a protocol which is secure, has little overhead, and
131	   can be easily invoked to determine whether a given email address is
132	   valid or not.  Minger achieves these goals using a shared secret for
133	   security and UDP to lower overhead.

135	2. The Minger protocol

137	   Minger is a UDP protocol that operates on port 4069.

139	   Syntax descriptions use the form described in Augmented Backus-Naur
140	   Form for Syntax Specifications (ABNF) [RFC4234].

142	2.1 The Minger query process

144	   A Minger client constructs a query string as described below and
145	   transmits it over UDP to a Minger server.  The format of the query
146	   is as follows:

148	  ABNF:

150	   query-string = mailbox [SP "d=" digest] [SP tag-list]

152	   digest = base64                   ; digest for security
153	                                     ; base64 defined in [RFC1734]

155	   digest-text = shared-secret ":" mailbox ; input text for digest

157	   mailbox = Local-part "@" Domain   ; as defined in [RFC2821]

159	   shared-secret = 1*50(VCHAR)       ; password credential

161	   tag-list = tag-spec 0*(SP tag-spec) ; tag/value list

163	   tag-spec = tag-name "=" tag-value
164	    tag-name = 1 * (any ALPHA other than 'd' / DIGIT / "_")

166	    tag-value = 1 * (ALPHA / DIGIT / "_")

168	2.2 Description of query elements

170	   mailbox

172	      This is the email address for which verification of
173	      existence is desired.

175	   digest

177	     This is the base64 encoding of the MD5 [RFC1321] hash of
178	     digest-text.  Digest-text is constructed, the MD5 hash of that
179	     is computed, and that result is base64 encoded.

181	   tag-list

183	     Tag-list is provided so that future capability might be added
184	     in an easy way.

186	3. Minger responses

188	   Minger servers return a response string of the following form:

190	  ABNF:

192	   response-string = mailbox status

194	   mailbox = Local-part "@" Domain   ; as defined in [RFC2821]

196	   status = %x30-35                  ; single digit result code
197	                                     ; from 0 - 5

199	3.1 Description of response elements

201	   mailbox

203	      This is the email address for which verification of
204	      existence is desired.

206	   status

208	      The following status codes are defined:

210	      0 - invalid request (for example, malformed query string)
211	      1 - access denied (for example, query from unauthorized IP)
212	      2 - bad or missing credentials (returned when anonymous
213	          mode is disabled and no credentials were provided in the
214	          query string or when the credentials themselves are
215	          invalid)
216	      3 - email address does not exist
217	      4 - email address exists but can not receive mail (for example,
218	          the account associated with the email address has exceeded
219	          local storage constraints or it is otherwise disabled due
220	          to local policy)
221	      5 - email address exists and is active (able to receive mail)

223	3.2 Example responses

225	   Minger response returned when the queried email address does
226	   not exist:

228	      arvel@example.com 3

230	   Minger response returned for invalid credentials:

232	      arvel@example.com 2

234	   Minger response returned when the queried email address exists:

236	      arvel@example.com 5

238	4. Anonymous mode

240	   Minger clients MAY attempt anonymous queries; that is, queries which
241	   do not contain a shared secret digest within the query string. Minger
242	   servers MAY be configured to refuse anonymous queries.  If so, they
243	   MUST respond with a status of "2".

245	5. Security Considerations

247	   Minger is a protocol which is used to determine whether a given
248	   email address is valid or not.  If a particular email
249	   infrastructure does not wish to advertise the email addresses that
250	   it services then this protocol should not be employed.

252	   If a shared secret is employed to secure Minger from anonymous use
253	   that shared secret should be at least 128 bits.

255	6. IANA Considerations

257	   IANA has assigned tcp & upd port 4069 for Minger.

259	7. Informative References

261	   [RFC1288]  Zimmerman, D., "The Finger User Information Protocol",
262	              RFC 1288, December 1991.

264	   [RFC1734]  Myers, J., "POP3 Authentication Command", RFC 1734,
265	              December 1994.

267	   [RFC2821]  Klensin, J., Editor, "Simple Mail Transfer Protocol", RFC
268	              2821, March 2001.

270	   [RFC4234]  Crocker, D., Ed. And P. Overell, "Augmented BNF for Syntax
271	              Specifications: ABNF", RFC 4234, October 2005.

273	   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
274	              Requirement Levels", BCP 14, RFC 2119, March 1997.

276	   [RFC1321]  Rivest, R., "The MD5 Message Digest Algorithm", RFC 1321,
277	              MIT Laboratory for Computer Science and RSA Data Security,
278	              Inc., April 1992.

280	Appendix A.  Acknowledgements

282	   We wish to thank the members of the MDaemon Beta Community
283	   (md-beta-subscribe@altn.com) for their ideas and help and Paul
284	   Hoffman for his valuable feedback.

286	Authors' Addresses

288	   Arvel Hathcock
289	   Alt-N Technologies
290	   http://www.altn.com

292	   Email: arvel.hathcock@altn.com

294	   Jonathan Merkel
295	   Alt-N Technologies
296	   http://www.altn.com

298	   Email: jon.merkel@altn.com

300	Full Copyright Statement

302	   Copyright (C) The IETF Trust (2007).

304	   This document is subject to the rights, licenses and restrictions
305	   contained in BCP 78, and except as set forth therein, the authors
306	   retain all their rights.

308	   This document and the information contained herein are provided on an
309	   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
310	   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
311	   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
312	   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
313	   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
314	   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

316	Intellectual Property

318	   The IETF takes no position regarding the validity or scope of any
319	   Intellectual Property Rights or other rights that might be claimed to
320	   pertain to the implementation or use of the technology described in
321	   this document or the extent to which any license under such rights
322	   might or might not be available; nor does it represent that it has
323	   made any independent effort to identify any such rights.  Information
324	   on the procedures with respect to rights in RFC documents can be
325	   found in BCP 78 and BCP 79.

327	   Copies of IPR disclosures made to the IETF Secretariat and any
328	   assurances of licenses to be made available, or the result of an
329	   attempt made to obtain a general license or permission for the use of
330	   such proprietary rights by implementers or users of this
331	   specification can be obtained from the IETF on-line IPR repository at
332	   http://www.ietf.org/ipr.

334	   The IETF invites any interested party to bring to its attention any
335	   copyrights, patents or patent applications, or other proprietary
336	   rights that may cover technology that may be required to implement
337	   this standard.  Please address the information to the IETF at
338	   ietf-ipr@ietf.org.

340	Acknowledgment

342	   Funding for the RFC Editor function is provided by the IETF
343	   Administrative Support Activity (IASA).