idnits 2.17.1 draft-ietf-appsawg-nullmx-10.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (September 13, 2014) is 3506 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group J. Levine 3 Internet-Draft Taughannock Networks 4 Intended status: Standards Track M. Delany 5 Expires: March 17, 2015 Apple Inc. 6 September 13, 2014 8 A "Null MX" No Service Resource Record for Domains that Accept No Mail 9 draft-ietf-appsawg-nullmx-10 11 Abstract 13 Internet mail determines the address of a receiving server through 14 the DNS, first by looking for an MX record and then by looking for an 15 A/AAAA record as a fallback. Unfortunately this means that the A/ 16 AAAA record is taken to be mail server address even when that address 17 does not accept mail. The no service MX RR, informally called null 18 MX, formalizes the existing mechanism by which a domain announces 19 that it accepts no mail, without having to provide a mail server, 20 which permits significant operational efficiencies. 22 Status of This Memo 24 This Internet-Draft is submitted in full conformance with the 25 provisions of BCP 78 and BCP 79. 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF). Note that other groups may also distribute 29 working documents as Internet-Drafts. The list of current Internet- 30 Drafts is at http://datatracker.ietf.org/drafts/current/. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 This Internet-Draft will expire on March 17, 2015. 39 Copyright Notice 41 Copyright (c) 2014 IETF Trust and the persons identified as the 42 document authors. All rights reserved. 44 This document is subject to BCP 78 and the IETF Trust's Legal 45 Provisions Relating to IETF Documents 46 (http://trustee.ietf.org/license-info) in effect on the date of 47 publication of this document. Please review these documents 48 carefully, as they describe your rights and restrictions with respect 49 to this document. Code Components extracted from this document must 50 include Simplified BSD License text as described in Section 4.e of 51 the Trust Legal Provisions and are provided without warranty as 52 described in the Simplified BSD License. 54 Table of Contents 56 1. Conventions Used in This Document . . . . . . . . . . . . . . 2 57 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 58 3. MX Resource Records Specifying Null MX . . . . . . . . . . . 3 59 4. Effects of Null MX . . . . . . . . . . . . . . . . . . . . . 3 60 4.1. SMTP Server Benefits . . . . . . . . . . . . . . . . . . 3 61 4.2. Sending Mail from Domains that Publish Null MX . . . . . 4 62 5. Security Considerations . . . . . . . . . . . . . . . . . . . 5 63 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 64 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 5 65 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 66 8.1. Normative References . . . . . . . . . . . . . . . . . . 5 67 8.2. Informative References . . . . . . . . . . . . . . . . . 6 68 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 6 69 A.1. Change to appsawg-nullmx-10 . . . . . . . . . . . . . . . 6 70 A.2. Change to appsawg-nullmx-09 . . . . . . . . . . . . . . . 6 71 A.3. Change to appsawg-nullmx-08 . . . . . . . . . . . . . . . 6 72 A.4. Change to appsawg-nullmx-07 . . . . . . . . . . . . . . . 6 73 A.5. Change to appsawg-nullmx-06 . . . . . . . . . . . . . . . 7 74 A.6. Change to appsawg-nullmx-05 . . . . . . . . . . . . . . . 7 75 A.7. Change to appsawg-nullmx-04 . . . . . . . . . . . . . . . 7 76 A.8. Change to appsawg-nullmx-03 . . . . . . . . . . . . . . . 7 77 A.9. Change to appsawg-nullmx-02 . . . . . . . . . . . . . . . 7 78 A.10. Change to appsawg-nullmx-1 . . . . . . . . . . . . . . . 7 79 A.11. Change to appsawg-nullmx-0 . . . . . . . . . . . . . . . 7 80 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7 82 1. Conventions Used in This Document 84 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 85 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 86 document are to be interpreted as described in [RFC2119]. 88 The terms RFC5321.MailFrom and RFC5322.From are used as defined in 89 [RFC5598]. 91 2. Introduction 93 This document defines the No Service MX, informally called null MX, 94 as a simple mechanism by which a domain can indicate that it does not 95 accept email. 97 SMTP clients have a prescribed sequence for identifying a server that 98 accepts email for a domain. Section 5 of [RFC5321] covers this in 99 detail, but in essence the SMTP client first looks up a DNS MX RR and 100 if that is not found it falls back to looking up a DNS A or AAAA RR. 101 Hence this overloads an email service semantic onto a DNS record with 102 a different primary mission. 104 If a domain has no MX records, senders will attempt to deliver mail 105 to the hosts at the domain's A or AAAA record's addresses. If there 106 is no SMTP listener at the A/AAAA address, message delivery will be 107 attempted repeatedly for a long period, typically a week, before the 108 sending MTA gives up. This will delay notification to the sender in 109 the case of misdirected mail, and will consume resources at the 110 sender. 112 This document defines a null MX that will cause all mail delivery 113 attempts to a domain to fail immediately, without requiring domains 114 to create SMTP listeners dedicated to preventing delivery attempts. 116 3. MX Resource Records Specifying Null MX 118 To indicate that a domain does not accept email, it advertises a 119 single MX RR (see [RFC1035], section 3.3.9) with an RDATA section 120 consisting of preference number 0, and a zero length label, written 121 in master files as ".", as the exchange domain, to denote that there 122 exists no mail exchanger for a domain. Since "." is not a valid host 123 name, a null MX record can not be confused with an ordinary MX 124 record. The use of "." as a pseudo-host name meaning no service 125 available is modeled on the SRV RR [RFC2782] where it has a similar 126 meaning. 128 A domain that advertises a null MX MUST NOT advertise any other MX 129 RR. 131 4. Effects of Null MX 133 The null MX record has a variety of efficiency and usability 134 benefits. 136 4.1. SMTP Server Benefits 138 Mail often has an incorrect address due to user error, where the 139 address was mistranscribed or misunderstood, for example, to 140 alice@www.example.com or alice@example.org or alice@examp1e.com 141 rather than alice@example.com. Null MX allows a mail system to 142 report the delivery failure when the user sends the message, rather 143 than hours or days later. 145 Senders of abusive mail often use forged undeliverable return 146 addresses. Null MX allows Delivery Status Notifications (DSNs) and 147 other attempted responses to such mail to be disposed of efficiently. 149 The ability to detect domains that do not accept email offers 150 resource savings to an SMTP client. It will discover on the first 151 sending attempt that an address is not deliverable, avoiding queuing 152 and retries. 154 When a submission or SMTP relay server rejects an envelope recipient 155 due to a domain's null MX record, it SHOULD use a 556 reply 156 code[code521556] (Requested action not taken: domain does not accept 157 mail) and a 5.1.TBD enhanced status code (Permanent failure: 158 Recipient address has null MX). 160 A receiving SMTP server that chooses to reject email during the SMTP 161 conversation that presents an undeliverable RFC5321.MailFrom or 162 RFC5322.From domain can be more confident that for other messages a 163 subsequent attempt to send a DSN or other response will reach a 164 recipient SMTP server. 166 SMTP servers that reject mail because a RFC5321.MailFrom or 167 RFC5322.From domain has a null MX record SHOULD use a 550 reply code 168 (Requested action not taken: mailbox unavailable) and a 5.7.TBD 169 enhanced status code (Permanent failure: Sender address has null MX). 171 4.2. Sending Mail from Domains that Publish Null MX 173 Null MX is primarily intended for domains that do not send or receive 174 any mail, but have mail sent to them anyway due to mistakes or 175 malice. Many receiving systems reject mail that has an invalid 176 return address. Return addresses are needed to allow the sender to 177 handle message delivery errors. An invalid return address often 178 signals that the message is spam. Hence mail systems SHOULD NOT 179 publish a null MX record for domains that they use in 180 RFC5321.MailFrom or RFC5322.From addresses. If a server nonetheless 181 does so, it risks having its mail rejected. 183 Operators of domains that do not send mail can publish SPF -all 184 [RFC7208] policies to make an explicit declaration that the domains 185 send no mail. 187 Null MX is not intended to be a replacement for the null reverse path 188 described in RFC 5321 section 4.5.5 and does not change the meaning 189 or use of a null reverse path. 191 5. Security Considerations 193 Within the DNS, a null MX RR is an ordinary MX record and presents no 194 new security issues. If desired, it can be secured in the same 195 manner as any other DNS record using DNSSEC. 197 6. IANA Considerations 199 IANA is requested to add the following entries to the "Enumerated 200 Status Codes" sub-registry of the Simple Mail Transfer Protocol 201 (SMTP) Enhanced Status Codes Registry. 203 Code: X.1.TBD 204 Sample Text: Recipient address has null MX 205 Associated basic status code: 556 206 Description: This status code is returned when the associated 207 address is marked as invalid using a null MX. 208 Reference: [this document] 209 Submitter: [authors of this document] 210 Change controller: IESG 212 Code: X.7.TBD 213 Sample Text: Sender address has null MX 214 Associated basic status code: 550 215 Description: This status code is returned when the associated 216 sender address has a null MX, and the SMTP 217 receiver is configured to reject mail from such 218 sender (e.g. because it could not return a DSN). 219 Reference: [this document] 220 Submitter: [authors of this document] 221 Change controller: IESG 223 7. Acknowledgements 225 We thank Dave Crocker for his diligent and lengthy shepherding of 226 this document, and members of the appsawg working group for their 227 constructive suggestions. 229 8. References 231 8.1. Normative References 233 [RFC1035] Mockapetris, P., "Domain names - implementation and 234 specification", STD 13, RFC 1035, November 1987. 236 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 237 Requirement Levels", BCP 14, RFC 2119, March 1997. 239 [RFC5321] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, 240 October 2008. 242 [code521556] 243 Klensin, J., "SMTP 521 and 556 Reply Codes", internet- 244 draft draft-klensin-smtp-521code, . 246 8.2. Informative References 248 [RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for 249 specifying the location of services (DNS SRV)", RFC 2782, 250 February 2000. 252 [RFC5598] Crocker, D., "Internet Mail Architecture", RFC 5598, July 253 2009. 255 [RFC7208] Kitterman, S., "Sender Policy Framework (SPF) for 256 Authorizing Use of Domains in Email, Version 1", RFC 7208, 257 April 2014. 259 Appendix A. Change Log 261 *NOTE TO RFC EDITOR: This section may be removed upon publication of 262 this document as an RFC.* 264 A.1. Change to appsawg-nullmx-10 266 Minor twiddle to clarify reference. 268 A.2. Change to appsawg-nullmx-09 270 Change 521 to 556, change reference. 272 A.3. Change to appsawg-nullmx-08 274 Fix name of IANA registry. 276 Yea, even yet more editorial cleanup. 278 A.4. Change to appsawg-nullmx-07 280 Add new enhanced status codes and ref for 521 return code. 282 Even yet more editorial cleanup. 284 A.5. Change to appsawg-nullmx-06 286 Even more editorial cleanup. 288 Mention SRV 290 you SHOULD NOT put a null MX on domains that send mail 292 A.6. Change to appsawg-nullmx-05 294 Fix ID nits, add NULL IANA section. More editorial cleanup. 296 A.7. Change to appsawg-nullmx-04 298 Reorganize. 300 A.8. Change to appsawg-nullmx-03 302 Editorial nits per Murray. 304 A.9. Change to appsawg-nullmx-02 306 Should not publish NULL MX with other MX. 308 Never say never. 310 Add 5.1.2 enhanced status code. 312 Minor editorial changes. 314 A.10. Change to appsawg-nullmx-1 316 Editorial improvements per D. Crocker's review. 318 A.11. Change to appsawg-nullmx-0 320 Fix typos. 322 Authors' Addresses 324 John Levine 325 Taughannock Networks 326 PO Box 727 327 Trumansburg, NY 14886 329 Phone: +1 831 480 2300 330 Email: standards@taugh.com 331 URI: http://jl.ly 332 Mark Delany 333 Apple Inc. 334 1 Infinite Loop 335 Cupertino, CA 95014 337 Email: mx0dot@yahoo.com