idnits 2.17.1 draft-ietf-appsawg-nullmx-09.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (September 13, 2014) is 3512 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group J. Levine 3 Internet-Draft Taughannock Networks 4 Intended status: Standards Track M. Delany 5 Expires: March 17, 2015 Apple Inc. 6 September 13, 2014 8 A "Null MX" No Service Resource Record for Domains that Accept No Mail 9 draft-ietf-appsawg-nullmx-09 11 Abstract 13 Internet mail determines the address of a receiving server through 14 the DNS, first by looking for an MX record and then by looking for an 15 A/AAAA record as a fallback. Unfortunately this means that the A/ 16 AAAA record is taken to be mail server address even when that address 17 does not accept mail. The no service MX RR, informally called null 18 MX, formalizes the existing mechanism by which a domain announces 19 that it accepts no mail, without having to provide a mail server, 20 which permits significant operational efficiencies. 22 Status of This Memo 24 This Internet-Draft is submitted in full conformance with the 25 provisions of BCP 78 and BCP 79. 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF). Note that other groups may also distribute 29 working documents as Internet-Drafts. The list of current Internet- 30 Drafts is at http://datatracker.ietf.org/drafts/current/. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 This Internet-Draft will expire on March 17, 2015. 39 Copyright Notice 41 Copyright (c) 2014 IETF Trust and the persons identified as the 42 document authors. All rights reserved. 44 This document is subject to BCP 78 and the IETF Trust's Legal 45 Provisions Relating to IETF Documents 46 (http://trustee.ietf.org/license-info) in effect on the date of 47 publication of this document. Please review these documents 48 carefully, as they describe your rights and restrictions with respect 49 to this document. Code Components extracted from this document must 50 include Simplified BSD License text as described in Section 4.e of 51 the Trust Legal Provisions and are provided without warranty as 52 described in the Simplified BSD License. 54 Table of Contents 56 1. Conventions Used in This Document . . . . . . . . . . . . . . 2 57 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 58 3. MX Resource Records Specifying Null MX . . . . . . . . . . . 3 59 4. Effects of Null MX . . . . . . . . . . . . . . . . . . . . . 3 60 4.1. SMTP Server Benefits . . . . . . . . . . . . . . . . . . 3 61 4.2. Sending Mail from Domains that Publish Null MX . . . . . 4 62 5. Security Considerations . . . . . . . . . . . . . . . . . . . 5 63 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 64 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 5 65 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 66 8.1. Normative References . . . . . . . . . . . . . . . . . . 5 67 8.2. Informative References . . . . . . . . . . . . . . . . . 6 68 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 6 69 A.1. Change to appsawg-nullmx-09 . . . . . . . . . . . . . . . 6 70 A.2. Change to appsawg-nullmx-08 . . . . . . . . . . . . . . . 6 71 A.3. Change to appsawg-nullmx-07 . . . . . . . . . . . . . . . 6 72 A.4. Change to appsawg-nullmx-06 . . . . . . . . . . . . . . . 6 73 A.5. Change to appsawg-nullmx-05 . . . . . . . . . . . . . . . 7 74 A.6. Change to appsawg-nullmx-04 . . . . . . . . . . . . . . . 7 75 A.7. Change to appsawg-nullmx-03 . . . . . . . . . . . . . . . 7 76 A.8. Change to appsawg-nullmx-02 . . . . . . . . . . . . . . . 7 77 A.9. Change to appsawg-nullmx-1 . . . . . . . . . . . . . . . 7 78 A.10. Change to appsawg-nullmx-0 . . . . . . . . . . . . . . . 7 79 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7 81 1. Conventions Used in This Document 83 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 84 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 85 document are to be interpreted as described in [RFC2119]. 87 The terms RFC5321.MailFrom and RFC5322.From are used as defined in 88 [RFC5598]. 90 2. Introduction 92 This document defines the No Service MX, informally called null MX, 93 as a simple mechanism by which a domain can indicate that it does not 94 accept email. 96 SMTP clients have a prescribed sequence for identifying a server that 97 accepts email for a domain. Section 5 of [RFC5321] covers this in 98 detail, but in essence the SMTP client first looks up a DNS MX RR and 99 if that is not found it falls back to looking up a DNS A or AAAA RR. 100 Hence this overloads an email service semantic onto a DNS record with 101 a different primary mission. 103 If a domain has no MX records, senders will attempt to deliver mail 104 to the hosts at the domain's A or AAAA record's addresses. If there 105 is no SMTP listener at the A/AAAA address, message delivery will be 106 attempted repeatedly for a long period, typically a week, before the 107 sending MTA gives up. This will delay notification to the sender in 108 the case of misdirected mail, and will consume resources at the 109 sender. 111 This document defines a null MX that will cause all mail delivery 112 attempts to a domain to fail immediately, without requiring domains 113 to create SMTP listeners dedicated to preventing delivery attempts. 115 3. MX Resource Records Specifying Null MX 117 To indicate that a domain does not accept email, it advertises a 118 single MX RR (see [RFC1035], section 3.3.9) with an RDATA section 119 consisting of preference number 0, and a zero length label, written 120 in master files as ".", as the exchange domain, to denote that there 121 exists no mail exchanger for a domain. Since "." is not a valid host 122 name, a null MX record can not be confused with an ordinary MX 123 record. The use of "." as a pseudo-host name meaning no service 124 available is modeled on the SRV RR [RFC2782] where it has a similar 125 meaning. 127 A domain that advertises a null MX MUST NOT advertise any other MX 128 RR. 130 4. Effects of Null MX 132 The null MX record has a variety of efficiency and usability 133 benefits. 135 4.1. SMTP Server Benefits 137 Mail often has an incorrect address due to user error, where the 138 address was mistranscribed or misunderstood, for example, to 139 alice@www.example.com or alice@example.org or alice@examp1e.com 140 rather than alice@example.com. Null MX allows a mail system to 141 report the delivery failure when the user sends the message, rather 142 than hours or days later. 144 Senders of abusive mail often use forged undeliverable return 145 addresses. Null MX allows Delivery Status Notifications (DSNs) and 146 other attempted responses to such mail to be disposed of efficiently. 148 The ability to detect domains that do not accept email offers 149 resource savings to an SMTP client. It will discover on the first 150 sending attempt that an address is not deliverable, avoiding queuing 151 and retries. 153 When a submission or SMTP relay server rejects an envelope recipient 154 due to a domain's null MX record, it SHOULD use a 556 reply 155 code[rfc1846bis] (Requested action not taken: domain does not accept 156 mail) and a 5.1.TBD enhanced status code (Permanent failure: 157 Recipient address has null MX). 159 A receiving SMTP server that chooses to reject email during the SMTP 160 conversation that presents an undeliverable RFC5321.MailFrom or 161 RFC5322.From domain can be more confident that for other messages a 162 subsequent attempt to send a DSN or other response will reach a 163 recipient SMTP server. 165 SMTP servers that reject mail because a RFC5321.MailFrom or 166 RFC5322.From domain has a null MX record SHOULD use a 550 reply code 167 (Requested action not taken: mailbox unavailable) and a 5.7.TBD 168 enhanced status code (Permanent failure: Sender address has null MX). 170 4.2. Sending Mail from Domains that Publish Null MX 172 Null MX is primarily intended for domains that do not send or receive 173 any mail, but have mail sent to them anyway due to mistakes or 174 malice. Many receiving systems reject mail that has an invalid 175 return address. Return addresses are needed to allow the sender to 176 handle message delivery errors. An invalid return address often 177 signals that the message is spam. Hence mail systems SHOULD NOT 178 publish a null MX record for domains that they use in 179 RFC5321.MailFrom or RFC5322.From addresses. If a server nonetheless 180 does so, it risks having its mail rejected. 182 Operators of domains that do not send mail can publish SPF -all 183 [RFC7208] policies to make an explicit declaration that the domains 184 send no mail. 186 Null MX is not intended to be a replacement for the null reverse path 187 described in RFC 5321 section 4.5.5 and does not change the meaning 188 or use of a null reverse path. 190 5. Security Considerations 192 Within the DNS, a null MX RR is an ordinary MX record and presents no 193 new security issues. If desired, it can be secured in the same 194 manner as any other DNS record using DNSSEC. 196 6. IANA Considerations 198 IANA is requested to add the following entries to the "Enumerated 199 Status Codes" sub-registry of the Simple Mail Transfer Protocol 200 (SMTP) Enhanced Status Codes Registry. 202 Code: X.1.TBD 203 Sample Text: Recipient address has null MX 204 Associated basic status code: 556 205 Description: This status code is returned when the associated 206 address is marked as invalid using a null MX. 207 Reference: [this document] 208 Submitter: [authors of this document] 209 Change controller: IESG 211 Code: X.7.TBD 212 Sample Text: Sender address has null MX 213 Associated basic status code: 550 214 Description: This status code is returned when the associated 215 sender address has a null MX, and the SMTP 216 receiver is configured to reject mail from such 217 sender (e.g. because it could not return a DSN). 218 Reference: [this document] 219 Submitter: [authors of this document] 220 Change controller: IESG 222 7. Acknowledgements 224 We thank Dave Crocker for his diligent and lengthy shepherding of 225 this document. 227 8. References 229 8.1. Normative References 231 [RFC1035] Mockapetris, P., "Domain names - implementation and 232 specification", STD 13, RFC 1035, November 1987. 234 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 235 Requirement Levels", BCP 14, RFC 2119, March 1997. 237 [RFC5321] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, 238 October 2008. 240 [rfc1846bis] 241 Klensin, J., "SMTP 521 and 556 Reply Codes", . 243 Work In Progress 245 8.2. Informative References 247 [RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for 248 specifying the location of services (DNS SRV)", RFC 2782, 249 February 2000. 251 [RFC5598] Crocker, D., "Internet Mail Architecture", RFC 5598, July 252 2009. 254 [RFC7208] Kitterman, S., "Sender Policy Framework (SPF) for 255 Authorizing Use of Domains in Email, Version 1", RFC 7208, 256 April 2014. 258 Appendix A. Change Log 260 *NOTE TO RFC EDITOR: This section may be removed upon publication of 261 this document as an RFC.* 263 A.1. Change to appsawg-nullmx-09 265 Change 521 to 556, change reference. 267 A.2. Change to appsawg-nullmx-08 269 Fix name of IANA registry. 271 Yea, even yet more editorial cleanup. 273 A.3. Change to appsawg-nullmx-07 275 Add new enhanced status codes and ref for 521 return code. 277 Even yet more editorial cleanup. 279 A.4. Change to appsawg-nullmx-06 281 Even more editorial cleanup. 283 Mention SRV 284 you SHOULD NOT put a null MX on domains that send mail 286 A.5. Change to appsawg-nullmx-05 288 Fix ID nits, add NULL IANA section. More editorial cleanup. 290 A.6. Change to appsawg-nullmx-04 292 Reorganize. 294 A.7. Change to appsawg-nullmx-03 296 Editorial nits per Murray. 298 A.8. Change to appsawg-nullmx-02 300 Should not publish NULL MX with other MX. 302 Never say never. 304 Add 5.1.2 enhanced status code. 306 Minor editorial changes. 308 A.9. Change to appsawg-nullmx-1 310 Editorial improvements per D. Crocker's review. 312 A.10. Change to appsawg-nullmx-0 314 Fix typos. 316 Authors' Addresses 318 John Levine 319 Taughannock Networks 320 PO Box 727 321 Trumansburg, NY 14886 323 Phone: +1 831 480 2300 324 Email: standards@taugh.com 325 URI: http://jl.ly 326 Mark Delany 327 Apple Inc. 328 1 Infinite Loop 329 Cupertino, CA 95014 331 Email: mx0dot@yahoo.com