On 03/25/2016 07:24 AM, Jeremy Harris wrote:
> On 25/03/16 02:12, Jim Fenton wrote:
>> draft-fenton-smtp-require-tls-01
>> The idea here is that REQUIRETLS allows the SMTP client to override the
>> default "deliver even if you can't do it securely" behavior of SMTP. The
>> philosophy is that the sender of the message (SMTP client) is in the
>> best position to know if a given message should only be sent via TLS,
>> either based on some information it has about the sensitivity of the
>> message or based on the client's local policy.
> - The draft does not mention alias-style forwarding done by an MTA;
>   perhaps it could? A 1-1 alias would seem to be easily covered,
>   but 1-to-many (mail-exploder) aliases may need more thought.

REQUIRETLS is about satisfying the sender's expectations about how onward transmission of the message takes place. As a sender, my expectations wouldn't change if an MTA forwarded the message to more than one recipient, so I would want REQUIRETLS to be applied to all of the onward forwards. I agree, this could be more explicit.

>
> - I assume that mailing-list forwarding is not intended to be covered.
>   Perhaps that should be explicit.

We had a little discussion about mailing lists and REQUIRETLS on the ietf-smtp list. Mailing lists (as distinct from mail forwarders/exploders, above) originate a new message from the mailing list. So I would expect REQUIRETLS from a mailing list to be at the option of the list operator, although it would be a good practice in many cases to follow the REQUIRETLS practices of the incoming message. Agree on making this more explicit, too.

-Jim