imapext-2007

annotate docs/rfc/rfc4468.txt @ 0:ada5e610ab86

find changesets by author, revision, files, or words in the commit message
imap-2007e
author yuuji@gentei.org
date Mon, 14 Sep 2009 15:17:45 +0900
parents
children
rev   line source
yuuji@0 1
yuuji@0 2
yuuji@0 3
yuuji@0 4
yuuji@0 5
yuuji@0 6
yuuji@0 7 Network Working Group C. Newman
yuuji@0 8 Request for Comments: 4468 Sun Microsystems
yuuji@0 9 Updates: 3463 May 2006
yuuji@0 10 Category: Standards Track
yuuji@0 11
yuuji@0 12
yuuji@0 13 Message Submission BURL Extension
yuuji@0 14
yuuji@0 15 Status of This Memo
yuuji@0 16
yuuji@0 17 This document specifies an Internet standards track protocol for the
yuuji@0 18 Internet community, and requests discussion and suggestions for
yuuji@0 19 improvements. Please refer to the current edition of the "Internet
yuuji@0 20 Official Protocol Standards" (STD 1) for the standardization state
yuuji@0 21 and status of this protocol. Distribution of this memo is unlimited.
yuuji@0 22
yuuji@0 23 Copyright Notice
yuuji@0 24
yuuji@0 25 Copyright (C) The Internet Society (2006).
yuuji@0 26
yuuji@0 27 Abstract
yuuji@0 28
yuuji@0 29 The submission profile of Simple Mail Transfer Protocol (SMTP)
yuuji@0 30 provides a standard way for an email client to submit a complete
yuuji@0 31 message for delivery. This specification extends the submission
yuuji@0 32 profile by adding a new BURL command that can be used to fetch
yuuji@0 33 submission data from an Internet Message Access Protocol (IMAP)
yuuji@0 34 server. This permits a mail client to inject content from an IMAP
yuuji@0 35 server into the SMTP infrastructure without downloading it to the
yuuji@0 36 client and uploading it back to the server.
yuuji@0 37
yuuji@0 38
yuuji@0 39
yuuji@0 40
yuuji@0 41
yuuji@0 42
yuuji@0 43
yuuji@0 44
yuuji@0 45
yuuji@0 46
yuuji@0 47
yuuji@0 48
yuuji@0 49
yuuji@0 50
yuuji@0 51
yuuji@0 52
yuuji@0 53
yuuji@0 54
yuuji@0 55
yuuji@0 56
yuuji@0 57
yuuji@0 58 Newman Standards Track [Page 1]
yuuji@0 59
yuuji@0 60 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 61
yuuji@0 62
yuuji@0 63 Table of Contents
yuuji@0 64
yuuji@0 65 1. Introduction ....................................................2
yuuji@0 66 2. Conventions Used in This Document ...............................2
yuuji@0 67 3. BURL Submission Extension .......................................3
yuuji@0 68 3.1. SMTP Submission Extension Registration .....................3
yuuji@0 69 3.2. BURL Transaction ...........................................3
yuuji@0 70 3.3. The BURL IMAP Options ......................................4
yuuji@0 71 3.4. Examples ...................................................5
yuuji@0 72 3.5. Formal Syntax ..............................................6
yuuji@0 73 4. 8-Bit and Binary ................................................7
yuuji@0 74 5. Updates to RFC 3463 .............................................7
yuuji@0 75 6. Response Codes ..................................................7
yuuji@0 76 7. IANA Considerations .............................................9
yuuji@0 77 8. Security Considerations .........................................9
yuuji@0 78 9. References .....................................................11
yuuji@0 79 9.1. Normative References ......................................11
yuuji@0 80 9.2. Informative References ....................................12
yuuji@0 81 Appendix A. Acknowledgements .....................................13
yuuji@0 82
yuuji@0 83 1. Introduction
yuuji@0 84
yuuji@0 85 This specification defines an extension to the standard Message
yuuji@0 86 Submission [RFC4409] protocol to permit data to be fetched from an
yuuji@0 87 IMAP server at message submission time. This MAY be used in
yuuji@0 88 conjunction with the CHUNKING [RFC3030] mechanism so that chunks of
yuuji@0 89 the message can come from an external IMAP server. This provides the
yuuji@0 90 ability to forward an email message without first downloading it to
yuuji@0 91 the client.
yuuji@0 92
yuuji@0 93 2. Conventions Used in This Document
yuuji@0 94
yuuji@0 95 The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
yuuji@0 96 in this document are to be interpreted as defined in "Key words for
yuuji@0 97 use in RFCs to Indicate Requirement Levels" [RFC2119].
yuuji@0 98
yuuji@0 99 The formal syntax uses the Augmented Backus-Naur Form (ABNF)
yuuji@0 100 [RFC4234] notation including the core rules defined in Appendix B of
yuuji@0 101 RFC 4234.
yuuji@0 102
yuuji@0 103
yuuji@0 104
yuuji@0 105
yuuji@0 106
yuuji@0 107
yuuji@0 108
yuuji@0 109
yuuji@0 110
yuuji@0 111
yuuji@0 112
yuuji@0 113
yuuji@0 114 Newman Standards Track [Page 2]
yuuji@0 115
yuuji@0 116 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 117
yuuji@0 118
yuuji@0 119 3. BURL Submission Extension
yuuji@0 120
yuuji@0 121 This section defines the BURL submission extension.
yuuji@0 122
yuuji@0 123 3.1. SMTP Submission Extension Registration
yuuji@0 124
yuuji@0 125 1. The name of this submission extension is "BURL". This extends
yuuji@0 126 the Message Submission protocol on port 587 and MUST NOT be
yuuji@0 127 advertised by a regular SMTP [RFC2821] server on port 25 that
yuuji@0 128 acts as a relay for incoming mail from other SMTP relays.
yuuji@0 129
yuuji@0 130 2. The EHLO keyword value associated with the extension is "BURL".
yuuji@0 131
yuuji@0 132 3. The BURL EHLO keyword will have zero or more arguments. The only
yuuji@0 133 argument defined at this time is the "imap" argument, which MUST
yuuji@0 134 be present in order to use IMAP URLs with BURL. Clients MUST
yuuji@0 135 ignore other arguments after the BURL EHLO keyword unless they
yuuji@0 136 are defined by a subsequent IETF standards track specification.
yuuji@0 137 The arguments that appear after the BURL EHLO keyword may change
yuuji@0 138 subsequent to the use of SMTP AUTH [RFC2554], so a server that
yuuji@0 139 advertises BURL with no arguments prior to authentication
yuuji@0 140 indicates that BURL is supported but authentication is required
yuuji@0 141 to use it.
yuuji@0 142
yuuji@0 143 4. This extension adds the BURL SMTP verb. This verb is used as a
yuuji@0 144 replacement for the DATA command and is only permitted during a
yuuji@0 145 mail transaction after at least one successful RCPT TO.
yuuji@0 146
yuuji@0 147 3.2. BURL Transaction
yuuji@0 148
yuuji@0 149 A simple BURL transaction will consist of MAIL FROM, one or more RCPT
yuuji@0 150 TO headers, and a BURL command with the "LAST" tag. The BURL command
yuuji@0 151 will include an IMAP URL pointing to a fully formed message ready for
yuuji@0 152 injection into the SMTP infrastructure. If PIPELINING [RFC2920] is
yuuji@0 153 advertised, the client MAY send the entire transaction in one round
yuuji@0 154 trip. If no valid RCPT TO address is supplied, the BURL command will
yuuji@0 155 simply fail, and no resolution of the BURL URL argument will be
yuuji@0 156 performed. If at least one valid RCPT TO address is supplied, then
yuuji@0 157 the BURL URL argument will be resolved before the server responds to
yuuji@0 158 the command.
yuuji@0 159
yuuji@0 160 A more sophisticated BURL transaction MAY occur when the server also
yuuji@0 161 advertises CHUNKING [RFC3030]. In this case, the BURL and BDAT
yuuji@0 162 commands may be interleaved until one of them terminates the
yuuji@0 163 transaction with the "LAST" argument. If PIPELINING [RFC2920] is
yuuji@0 164 also advertised, then the client may pipeline the entire transaction
yuuji@0 165 in one round-trip. However, it MUST wait for the results of the
yuuji@0 166 "LAST" BDAT or BURL command prior to initiating a new transaction.
yuuji@0 167
yuuji@0 168
yuuji@0 169
yuuji@0 170 Newman Standards Track [Page 3]
yuuji@0 171
yuuji@0 172 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 173
yuuji@0 174
yuuji@0 175 The BURL command directs the server to fetch the data object to which
yuuji@0 176 the URL refers and include it in the message. If the URL fetch
yuuji@0 177 fails, the server will fail the entire transaction.
yuuji@0 178
yuuji@0 179 3.3. The BURL IMAP Options
yuuji@0 180
yuuji@0 181 When "imap" is present in the space-separated list of arguments
yuuji@0 182 following the BURL EHLO keyword, it indicates that the BURL command
yuuji@0 183 supports the URLAUTH [RFC4467] extended form of IMAP URLs [RFC2192]
yuuji@0 184 and that the submit server is configured with the necessary
yuuji@0 185 credentials to resolve "urlauth=submit+" IMAP URLs for the submit
yuuji@0 186 server's domain.
yuuji@0 187
yuuji@0 188 Subsequent to a successful SMTP AUTH command, the submission server
yuuji@0 189 MAY indicate a prearranged trust relationship with a specific IMAP
yuuji@0 190 server by including a BURL EHLO keyword argument of the form
yuuji@0 191 "imap://imap.example.com". In this case, the submission server will
yuuji@0 192 permit a regular IMAP URL referring to messages or parts of messages
yuuji@0 193 on imap.example.com that the user who authenticated to the submit
yuuji@0 194 server can access. Note that this form does not imply that the
yuuji@0 195 submit server supports URLAUTH URLs; the submit server must advertise
yuuji@0 196 both "imap" and "imap://imap.example.com" to indicate support for
yuuji@0 197 both extended and non-extended URL forms.
yuuji@0 198
yuuji@0 199 When the submit server connects to the IMAP server, it acts as an
yuuji@0 200 IMAP client and thus is subject to both the mandatory-to-implement
yuuji@0 201 IMAP capabilities in Section 6.1.1 of RFC 3501, and the security
yuuji@0 202 considerations in Section 11 of RFC 3501. Specifically, this
yuuji@0 203 requires that the submit server implement a configuration that uses
yuuji@0 204 STARTTLS followed by SASL PLAIN [SASL-PLAIN] to authenticate to the
yuuji@0 205 IMAP server.
yuuji@0 206
yuuji@0 207 When the submit server resolves a URLAUTH IMAP URL, it uses submit
yuuji@0 208 server credentials when authenticating to the IMAP server. The
yuuji@0 209 authentication identity and password used for submit credentials MUST
yuuji@0 210 be configurable. The string "submit" is suggested as a default value
yuuji@0 211 for the authentication identity, with no default for the password.
yuuji@0 212 Typically, the authorization identity is empty in this case; thus the
yuuji@0 213 IMAP server will derive the authorization identity from the
yuuji@0 214 authentication identity. If the IMAP URL uses the "submit+" access
yuuji@0 215 identifier prefix, the submit server MUST refuse the BURL command
yuuji@0 216 unless the userid in the URL's <access> token matches the submit
yuuji@0 217 client's authorization identity.
yuuji@0 218
yuuji@0 219 When the submit server resolves a regular IMAP URL, it uses the
yuuji@0 220 submit client's authorization identity when authenticating to the
yuuji@0 221 IMAP server. If both the submit client and the submit server's
yuuji@0 222 embedded IMAP client use SASL PLAIN (or the equivalent), the submit
yuuji@0 223
yuuji@0 224
yuuji@0 225
yuuji@0 226 Newman Standards Track [Page 4]
yuuji@0 227
yuuji@0 228 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 229
yuuji@0 230
yuuji@0 231 server SHOULD forward the client's credentials if and only if the
yuuji@0 232 submit server knows that the IMAP server is in the same
yuuji@0 233 administrative domain. If the submit server supports SASL mechanisms
yuuji@0 234 other than PLAIN, it MUST implement a configuration in which the
yuuji@0 235 submit server's embedded IMAP client uses STARTTLS and SASL PLAIN
yuuji@0 236 with the submit server's authentication identity and password (for
yuuji@0 237 the respective IMAP server) and the submit client's authorization
yuuji@0 238 identity.
yuuji@0 239
yuuji@0 240 3.4. Examples
yuuji@0 241
yuuji@0 242 In examples, "C:" and "S:" indicate lines sent by the client and
yuuji@0 243 server, respectively. If a single "C:" or "S:" label applies to
yuuji@0 244 multiple lines, then the line breaks between those lines are for
yuuji@0 245 editorial clarity only and are not part of the actual protocol
yuuji@0 246 exchange.
yuuji@0 247
yuuji@0 248 Two successful submissions (without and with pipelining) follow:
yuuji@0 249
yuuji@0 250 <SSL/TLS encryption layer negotiated>
yuuji@0 251 C: EHLO potter.example.com
yuuji@0 252 S: 250-owlry.example.com
yuuji@0 253 S: 250-8BITMIME
yuuji@0 254 S: 250-BURL imap
yuuji@0 255 S: 250-AUTH PLAIN
yuuji@0 256 S: 250-DSN
yuuji@0 257 S: 250 ENHANCEDSTATUSCODES
yuuji@0 258 C: AUTH PLAIN aGFycnkAaGFycnkAYWNjaW8=
yuuji@0 259 S: 235 2.7.0 PLAIN authentication successful.
yuuji@0 260 C: MAIL FROM:<harry@gryffindor.example.com>
yuuji@0 261 S: 250 2.5.0 Address Ok.
yuuji@0 262 C: RCPT TO:<ron@gryffindor.example.com>
yuuji@0 263 S: 250 2.1.5 ron@gryffindor.example.com OK.
yuuji@0 264 C: BURL imap://harry@gryffindor.example.com/outbox
yuuji@0 265 ;uidvalidity=1078863300/;uid=25;urlauth=submit+harry
yuuji@0 266 :internal:91354a473744909de610943775f92038 LAST
yuuji@0 267 S: 250 2.5.0 Ok.
yuuji@0 268
yuuji@0 269 <SSL/TLS encryption layer negotiated>
yuuji@0 270 C: EHLO potter.example.com
yuuji@0 271 S: 250-owlry.example.com
yuuji@0 272 S: 250-8BITMIME
yuuji@0 273 S: 250-PIPELINING
yuuji@0 274 S: 250-BURL imap
yuuji@0 275 S: 250-AUTH PLAIN
yuuji@0 276 S: 250-DSN
yuuji@0 277 S: 250 ENHANCEDSTATUSCODES
yuuji@0 278 C: AUTH PLAIN aGFycnkAaGFycnkAYWNjaW8=
yuuji@0 279
yuuji@0 280
yuuji@0 281
yuuji@0 282 Newman Standards Track [Page 5]
yuuji@0 283
yuuji@0 284 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 285
yuuji@0 286
yuuji@0 287 C: MAIL FROM:<harry@gryffindor.example.com>
yuuji@0 288 C: RCPT TO:<ron@gryffindor.example.com>
yuuji@0 289 C: BURL imap://harry@gryffindor.example.com/outbox
yuuji@0 290 ;uidvalidity=1078863300/;uid=25;urlauth=submit+harry
yuuji@0 291 :internal:91354a473744909de610943775f92038 LAST
yuuji@0 292 S: 235 2.7.0 PLAIN authentication successful.
yuuji@0 293 S: 250 2.5.0 Address Ok.
yuuji@0 294 S: 250 2.1.5 ron@gryffindor.example.com OK.
yuuji@0 295 S: 250 2.5.0 Ok.
yuuji@0 296
yuuji@0 297 Note that PIPELINING of the AUTH command is only permitted if the
yuuji@0 298 selected mechanism can be completed in one round trip, a client
yuuji@0 299 initial response is provided, and no SASL security layer is
yuuji@0 300 negotiated. This is possible for PLAIN and EXTERNAL, but not for
yuuji@0 301 most other SASL mechanisms.
yuuji@0 302
yuuji@0 303 Some examples of failure cases:
yuuji@0 304
yuuji@0 305 C: MAIL FROM:<harry@gryffindor.example.com>
yuuji@0 306 C: RCPT TO:<malfoy@slitherin.example.com>
yuuji@0 307 C: BURL imap://harry@gryffindor.example.com/outbox
yuuji@0 308 ;uidvalidity=1078863300/;uid=25;urlauth=submit+harry
yuuji@0 309 :internal:91354a473744909de610943775f92038 LAST
yuuji@0 310 S: 250 2.5.0 Address Ok.
yuuji@0 311 S: 550 5.7.1 Relaying not allowed: malfoy@slitherin.example.com
yuuji@0 312 S: 554 5.5.0 No recipients have been specified.
yuuji@0 313
yuuji@0 314 C: MAIL FROM:<harry@gryffindor.example.com>
yuuji@0 315 C: RCPT TO:<ron@gryffindor.example.com>
yuuji@0 316 C: BURL imap://harry@gryffindor.example.com/outbox
yuuji@0 317 ;uidvalidity=1078863300/;uid=25;urlauth=submit+harry
yuuji@0 318 :internal:71354a473744909de610943775f92038 LAST
yuuji@0 319 S: 250 2.5.0 Address Ok.
yuuji@0 320 S: 250 2.1.5 ron@gryffindor.example.com OK.
yuuji@0 321 S: 554 5.7.0 IMAP URL authorization failed
yuuji@0 322
yuuji@0 323 3.5. Formal Syntax
yuuji@0 324
yuuji@0 325 The following syntax specification inherits ABNF [RFC4234] and
yuuji@0 326 Uniform Resource Identifiers [RFC3986].
yuuji@0 327
yuuji@0 328 burl-param = "imap" / ("imap://" authority)
yuuji@0 329 ; parameter to BURL EHLO keyword
yuuji@0 330
yuuji@0 331 burl-cmd = "BURL" SP absolute-URI [SP end-marker] CRLF
yuuji@0 332
yuuji@0 333 end-marker = "LAST"
yuuji@0 334
yuuji@0 335
yuuji@0 336
yuuji@0 337
yuuji@0 338 Newman Standards Track [Page 6]
yuuji@0 339
yuuji@0 340 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 341
yuuji@0 342
yuuji@0 343 4. 8-Bit and Binary
yuuji@0 344
yuuji@0 345 A submit server that advertises BURL MUST also advertise 8BITMIME
yuuji@0 346 [RFC1652] and perform the down conversion described in that
yuuji@0 347 specification on the resulting complete message if 8-bit data is
yuuji@0 348 received with the BURL command and passed to a 7-bit server. If the
yuuji@0 349 URL argument to BURL refers to binary data, then the submit server
yuuji@0 350 MAY refuse the command or down convert as described in Binary SMTP
yuuji@0 351 [RFC3030].
yuuji@0 352
yuuji@0 353 The Submit server MAY refuse to accept a BURL command or combination
yuuji@0 354 of BURL and BDAT commands that result in un-encoded 8-bit data in
yuuji@0 355 mail or MIME [RFC2045] headers. Alternatively, the server MAY accept
yuuji@0 356 such data and down convert to MIME header encoding [RFC2047].
yuuji@0 357
yuuji@0 358 5. Updates to RFC 3463
yuuji@0 359
yuuji@0 360 SMTP or Submit servers that advertise ENHANCEDSTATUSCODES [RFC2034]
yuuji@0 361 use enhanced status codes defined in RFC 3463 [RFC3463]. The BURL
yuuji@0 362 extension introduces new error cases that that RFC did not consider.
yuuji@0 363 The following additional enhanced status codes are defined by this
yuuji@0 364 specification:
yuuji@0 365
yuuji@0 366 X.6.6 Message content not available
yuuji@0 367
yuuji@0 368 The message content could not be fetched from a remote system.
yuuji@0 369 This may be useful as a permanent or persistent temporary
yuuji@0 370 notification.
yuuji@0 371
yuuji@0 372 X.7.8 Trust relationship required
yuuji@0 373
yuuji@0 374 The submission server requires a configured trust relationship
yuuji@0 375 with a third-party server in order to access the message content.
yuuji@0 376
yuuji@0 377 6. Response Codes
yuuji@0 378
yuuji@0 379 This section includes example response codes to the BURL command.
yuuji@0 380 Other text may be used with the same response codes. This list is
yuuji@0 381 not exhaustive, and BURL clients MUST tolerate any valid SMTP
yuuji@0 382 response code. Most of these examples include the appropriate
yuuji@0 383 enhanced status code [RFC3463].
yuuji@0 384
yuuji@0 385 554 5.5.0 No recipients have been specified
yuuji@0 386
yuuji@0 387 This response code occurs when BURL is used (for example, with
yuuji@0 388 PIPELINING) and all RCPT TOs failed.
yuuji@0 389
yuuji@0 390
yuuji@0 391
yuuji@0 392
yuuji@0 393
yuuji@0 394 Newman Standards Track [Page 7]
yuuji@0 395
yuuji@0 396 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 397
yuuji@0 398
yuuji@0 399 503 5.5.0 Valid RCPT TO required before BURL
yuuji@0 400
yuuji@0 401 This response code is an alternative to the previous one when BURL
yuuji@0 402 is used (for example, with PIPELINING) and all RCPT TOs failed.
yuuji@0 403
yuuji@0 404 554 5.6.3 Conversion required but not supported
yuuji@0 405
yuuji@0 406 This response code occurs when the URL points to binary data and
yuuji@0 407 the implementation does not support down conversion to base64.
yuuji@0 408 This can also be used if the URL points to message data with 8-bit
yuuji@0 409 content in headers and the server does not down convert such
yuuji@0 410 content.
yuuji@0 411
yuuji@0 412 554 5.3.4 Message too big for system
yuuji@0 413
yuuji@0 414 The message (subsequent to URL resolution) is larger than the
yuuji@0 415 per-message size limit for this server.
yuuji@0 416
yuuji@0 417 554 5.7.8 URL resolution requires trust relationship
yuuji@0 418
yuuji@0 419 The submit server does not have a trust relationship with the IMAP
yuuji@0 420 server specified in the URL argument to BURL.
yuuji@0 421
yuuji@0 422 552 5.2.2 Mailbox full
yuuji@0 423
yuuji@0 424 The recipient is local, the submit server supports direct
yuuji@0 425 delivery, and the recipient has exceeded his quota and any grace
yuuji@0 426 period for delivery attempts.
yuuji@0 427
yuuji@0 428 554 5.6.6 IMAP URL resolution failed
yuuji@0 429
yuuji@0 430 The IMAP URLFETCH command returned an error or no data.
yuuji@0 431
yuuji@0 432 250 2.5.0 Waiting for additional BURL or BDAT commands
yuuji@0 433
yuuji@0 434 A BURL command without the "LAST" modifier was sent. The URL for
yuuji@0 435 this BURL command was successfully resolved, but the content will
yuuji@0 436 not necessarily be committed to persistent storage until the rest
yuuji@0 437 of the message content is collected. For example, a Unix server
yuuji@0 438 may have written the content to a queue file buffer, but may not
yuuji@0 439 yet have performed an fsync() operation. If the server loses
yuuji@0 440 power, the content can still be lost.
yuuji@0 441
yuuji@0 442 451 4.4.1 IMAP server unavailable
yuuji@0 443
yuuji@0 444 The connection to the IMAP server to resolve the URL failed.
yuuji@0 445
yuuji@0 446
yuuji@0 447
yuuji@0 448
yuuji@0 449
yuuji@0 450 Newman Standards Track [Page 8]
yuuji@0 451
yuuji@0 452 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 453
yuuji@0 454
yuuji@0 455 250 2.5.0 Ok.
yuuji@0 456
yuuji@0 457 The URL was successfully resolved, and the complete message data
yuuji@0 458 has been committed to persistent storage.
yuuji@0 459
yuuji@0 460 250 2.6.4 MIME header conversion with loss performed
yuuji@0 461
yuuji@0 462 The URL pointed to message data that included mail or MIME headers
yuuji@0 463 with 8-bit data. This data was converted to MIME header encoding
yuuji@0 464 [RFC2047], but the submit server may not have correctly guessed
yuuji@0 465 the unlabeled character set.
yuuji@0 466
yuuji@0 467 7. IANA Considerations
yuuji@0 468
yuuji@0 469 The "BURL" SMTP extension as described in Section 3 has been
yuuji@0 470 registered. This registration has been marked for use by message
yuuji@0 471 submission [RFC4409] only in the registry.
yuuji@0 472
yuuji@0 473 8. Security Considerations
yuuji@0 474
yuuji@0 475 Modern SMTP submission servers often include content-based security
yuuji@0 476 and denial-of-service defense mechanisms such as virus filtering,
yuuji@0 477 size limits, server-generated signatures, spam filtering, etc.
yuuji@0 478 Implementations of BURL should fetch the URL content prior to
yuuji@0 479 application of such content-based mechanisms in order to preserve
yuuji@0 480 their function.
yuuji@0 481
yuuji@0 482 Clients that generate unsolicited bulk email or email with viruses
yuuji@0 483 could use this mechanism to compensate for a slow link between the
yuuji@0 484 client and submit server. In particular, this mechanism would make
yuuji@0 485 it feasible for a programmable cell phone or other device on a slow
yuuji@0 486 link to become a significant source of unsolicited bulk email and/or
yuuji@0 487 viruses. This makes it more important for submit server vendors
yuuji@0 488 implementing BURL to have auditing and/or defenses against such
yuuji@0 489 denial-of-service attacks including mandatory authentication, logging
yuuji@0 490 that associates unique client identifiers with mail transactions,
yuuji@0 491 limits on reuse of the same IMAP URL, rate limits, recipient count
yuuji@0 492 limits, and content filters.
yuuji@0 493
yuuji@0 494 Transfer of the URLAUTH [RFC4467] form of IMAP URLs in the clear can
yuuji@0 495 expose the authorization token to network eavesdroppers.
yuuji@0 496 Implementations that support such URLs can address this issue by
yuuji@0 497 using a strong confidentiality protection mechanism. For example,
yuuji@0 498 the SMTP STARTTLS [RFC3207] and the IMAP STARTTLS [RFC3501]
yuuji@0 499 extensions, in combination with a configuration setting that requires
yuuji@0 500 their use with such IMAP URLs, would address this concern.
yuuji@0 501
yuuji@0 502
yuuji@0 503
yuuji@0 504
yuuji@0 505
yuuji@0 506 Newman Standards Track [Page 9]
yuuji@0 507
yuuji@0 508 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 509
yuuji@0 510
yuuji@0 511 Use of a prearranged trust relationship between a submit server and a
yuuji@0 512 specific IMAP server introduces security considerations. A
yuuji@0 513 compromise of the submit server should not automatically compromise
yuuji@0 514 all accounts on the IMAP server, so trust relationships involving
yuuji@0 515 super-user proxy credentials are strongly discouraged. A system that
yuuji@0 516 requires the submit server to authenticate to the IMAP server with
yuuji@0 517 submit credentials and subsequently requires a URLAUTH URL to fetch
yuuji@0 518 any content addresses this concern. A trusted third party model for
yuuji@0 519 proxy credentials (such as that provided by Kerberos 5 [RFC4120])
yuuji@0 520 would also suffice.
yuuji@0 521
yuuji@0 522 When a client uses SMTP STARTTLS to send a BURL command that
yuuji@0 523 references non-public information, there is a user expectation that
yuuji@0 524 the entire message content will be treated confidentially. To
yuuji@0 525 address this expectation, the message submission server SHOULD use
yuuji@0 526 STARTTLS or a mechanism providing equivalent data confidentiality
yuuji@0 527 when fetching the content referenced by that URL.
yuuji@0 528
yuuji@0 529 A legitimate user of a submit server may try to compromise other
yuuji@0 530 accounts on the server by providing an IMAP URLAUTH URL that points
yuuji@0 531 to a server under that user's control that is designed to undermine
yuuji@0 532 the security of the submit server. For this reason, the IMAP client
yuuji@0 533 code that the submit server uses must be robust with respect to
yuuji@0 534 arbitrary input sizes (including large IMAP literals) and arbitrary
yuuji@0 535 delays from the IMAP server. Requiring a prearranged trust
yuuji@0 536 relationship between a submit server and the IMAP server also
yuuji@0 537 addresses this concern.
yuuji@0 538
yuuji@0 539 An authorized user of the submit server could set up a fraudulent
yuuji@0 540 IMAP server and pass a URL for that server to the submit server. The
yuuji@0 541 submit server might then contact the fraudulent IMAP server to
yuuji@0 542 authenticate with submit credentials and fetch content. There are
yuuji@0 543 several ways to mitigate this potential attack. A submit server that
yuuji@0 544 only uses submit credentials with a fixed set of trusted IMAP servers
yuuji@0 545 will not be vulnerable to exposure of those credentials. A submit
yuuji@0 546 server can treat the IMAP server as untrusted and include defenses
yuuji@0 547 for buffer overflows, denial-of-service slowdowns, and other
yuuji@0 548 potential attacks. Finally, because authentication is required to
yuuji@0 549 use BURL, it is possible to keep a secure audit trail and use that to
yuuji@0 550 detect and punish the offending party.
yuuji@0 551
yuuji@0 552
yuuji@0 553
yuuji@0 554
yuuji@0 555
yuuji@0 556
yuuji@0 557
yuuji@0 558
yuuji@0 559
yuuji@0 560
yuuji@0 561
yuuji@0 562 Newman Standards Track [Page 10]
yuuji@0 563
yuuji@0 564 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 565
yuuji@0 566
yuuji@0 567 9. References
yuuji@0 568
yuuji@0 569 9.1. Normative References
yuuji@0 570
yuuji@0 571 [RFC1652] Klensin, J., Freed, N., Rose, M., Stefferud, E., and D.
yuuji@0 572 Crocker, "SMTP Service Extension for
yuuji@0 573 8bit-MIMEtransport", RFC 1652, July 1994.
yuuji@0 574
yuuji@0 575 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
yuuji@0 576 Requirement Levels", BCP 14, RFC 2119, March 1997.
yuuji@0 577
yuuji@0 578 [RFC2192] Newman, C., "IMAP URL Scheme", RFC 2192,
yuuji@0 579 September 1997.
yuuji@0 580
yuuji@0 581 [RFC2554] Myers, J., "SMTP Service Extension for Authentication",
yuuji@0 582 RFC 2554, March 1999.
yuuji@0 583
yuuji@0 584 [RFC2821] Klensin, J., "Simple Mail Transfer Protocol", RFC 2821,
yuuji@0 585 April 2001.
yuuji@0 586
yuuji@0 587 [RFC3207] Hoffman, P., "SMTP Service Extension for Secure SMTP
yuuji@0 588 over Transport Layer Security", RFC 3207,
yuuji@0 589 February 2002.
yuuji@0 590
yuuji@0 591 [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL -
yuuji@0 592 VERSION 4rev1", RFC 3501, March 2003.
yuuji@0 593
yuuji@0 594 [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter,
yuuji@0 595 "Uniform Resource Identifier (URI): Generic Syntax",
yuuji@0 596 STD 66, RFC 3986, January 2005.
yuuji@0 597
yuuji@0 598 [RFC4234] Crocker, D. and P. Overell, "Augmented BNF for Syntax
yuuji@0 599 Specifications: ABNF", RFC 4234, October 2005.
yuuji@0 600
yuuji@0 601 [RFC4409] Gellens, R. and J. Klensin, "Message Submission for
yuuji@0 602 Mail", RFC 4409, April 2006.
yuuji@0 603
yuuji@0 604 [RFC4467] Crispin, M., "Internet Message Access Protocol (IMAP) -
yuuji@0 605 URLAUTH Extension", RFC 4467, May 2006.
yuuji@0 606
yuuji@0 607
yuuji@0 608
yuuji@0 609
yuuji@0 610
yuuji@0 611
yuuji@0 612
yuuji@0 613
yuuji@0 614
yuuji@0 615
yuuji@0 616
yuuji@0 617
yuuji@0 618 Newman Standards Track [Page 11]
yuuji@0 619
yuuji@0 620 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 621
yuuji@0 622
yuuji@0 623 9.2. Informative References
yuuji@0 624
yuuji@0 625 [RFC2034] Freed, N., "SMTP Service Extension for Returning
yuuji@0 626 Enhanced Error Codes", RFC 2034, October 1996.
yuuji@0 627
yuuji@0 628 [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet
yuuji@0 629 Mail Extensions (MIME) Part One: Format of Internet
yuuji@0 630 Message Bodies", RFC 2045, November 1996.
yuuji@0 631
yuuji@0 632 [RFC2047] Moore, K., "MIME (Multipurpose Internet Mail
yuuji@0 633 Extensions) Part Three: Message Header Extensions for
yuuji@0 634 Non-ASCII Text", RFC 2047, November 1996.
yuuji@0 635
yuuji@0 636 [RFC2920] Freed, N., "SMTP Service Extension for Command
yuuji@0 637 Pipelining", STD 60, RFC 2920, September 2000.
yuuji@0 638
yuuji@0 639 [RFC3030] Vaudreuil, G., "SMTP Service Extensions for
yuuji@0 640 Transmission of Large and Binary MIME Messages",
yuuji@0 641 RFC 3030, December 2000.
yuuji@0 642
yuuji@0 643 [RFC3463] Vaudreuil, G., "Enhanced Mail System Status Codes",
yuuji@0 644 RFC 3463, January 2003.
yuuji@0 645
yuuji@0 646 [RFC4120] Neuman, C., Yu, T., Hartman, S., and K. Raeburn, "The
yuuji@0 647 Kerberos Network Authentication Service (V5)", RFC
yuuji@0 648 4120, July 2005.
yuuji@0 649
yuuji@0 650 [SASL-PLAIN] Zeilenga, K., "The Plain SASL Mechanism", Work in
yuuji@0 651 Progress, March 2005.
yuuji@0 652
yuuji@0 653
yuuji@0 654
yuuji@0 655
yuuji@0 656
yuuji@0 657
yuuji@0 658
yuuji@0 659
yuuji@0 660
yuuji@0 661
yuuji@0 662
yuuji@0 663
yuuji@0 664
yuuji@0 665
yuuji@0 666
yuuji@0 667
yuuji@0 668
yuuji@0 669
yuuji@0 670
yuuji@0 671
yuuji@0 672
yuuji@0 673
yuuji@0 674 Newman Standards Track [Page 12]
yuuji@0 675
yuuji@0 676 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 677
yuuji@0 678
yuuji@0 679 Appendix A. Acknowledgements
yuuji@0 680
yuuji@0 681 This document is a product of the lemonade WG. Many thanks are due
yuuji@0 682 to all the participants of that working group for their input. Mark
yuuji@0 683 Crispin was instrumental in the conception of this mechanism. Thanks
yuuji@0 684 to Randall Gellens, Alexey Melnikov, Sam Hartman, Ned Freed, Dave
yuuji@0 685 Cridland, Peter Coates, and Mark Crispin for review comments on the
yuuji@0 686 document. Thanks to the RFC Editor for correcting the author's
yuuji@0 687 grammar mistakes. Thanks to Ted Hardie, Randall Gellens, Mark
yuuji@0 688 Crispin, Pete Resnick, and Greg Vaudreuil for extremely interesting
yuuji@0 689 debates comparing this proposal and alternatives. Thanks to the
yuuji@0 690 lemonade WG chairs Eric Burger and Glenn Parsons for concluding the
yuuji@0 691 debate at the correct time and making sure this document got
yuuji@0 692 completed.
yuuji@0 693
yuuji@0 694 Author's Address
yuuji@0 695
yuuji@0 696 Chris Newman
yuuji@0 697 Sun Microsystems
yuuji@0 698 3401 Centrelake Dr., Suite 410
yuuji@0 699 Ontario, CA 91761
yuuji@0 700 US
yuuji@0 701
yuuji@0 702 EMail: chris.newman@sun.com
yuuji@0 703
yuuji@0 704
yuuji@0 705
yuuji@0 706
yuuji@0 707
yuuji@0 708
yuuji@0 709
yuuji@0 710
yuuji@0 711
yuuji@0 712
yuuji@0 713
yuuji@0 714
yuuji@0 715
yuuji@0 716
yuuji@0 717
yuuji@0 718
yuuji@0 719
yuuji@0 720
yuuji@0 721
yuuji@0 722
yuuji@0 723
yuuji@0 724
yuuji@0 725
yuuji@0 726
yuuji@0 727
yuuji@0 728
yuuji@0 729
yuuji@0 730 Newman Standards Track [Page 13]
yuuji@0 731
yuuji@0 732 RFC 4468 Message Submission BURL Extension May 2006
yuuji@0 733
yuuji@0 734
yuuji@0 735 Full Copyright Statement
yuuji@0 736
yuuji@0 737 Copyright (C) The Internet Society (2006).
yuuji@0 738
yuuji@0 739 This document is subject to the rights, licenses and restrictions
yuuji@0 740 contained in BCP 78, and except as set forth therein, the authors
yuuji@0 741 retain all their rights.
yuuji@0 742
yuuji@0 743 This document and the information contained herein are provided on an
yuuji@0 744 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
yuuji@0 745 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
yuuji@0 746 ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
yuuji@0 747 INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
yuuji@0 748 INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
yuuji@0 749 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
yuuji@0 750
yuuji@0 751 Intellectual Property
yuuji@0 752
yuuji@0 753 The IETF takes no position regarding the validity or scope of any
yuuji@0 754 Intellectual Property Rights or other rights that might be claimed to
yuuji@0 755 pertain to the implementation or use of the technology described in
yuuji@0 756 this document or the extent to which any license under such rights
yuuji@0 757 might or might not be available; nor does it represent that it has
yuuji@0 758 made any independent effort to identify any such rights. Information
yuuji@0 759 on the procedures with respect to rights in RFC documents can be
yuuji@0 760 found in BCP 78 and BCP 79.
yuuji@0 761
yuuji@0 762 Copies of IPR disclosures made to the IETF Secretariat and any
yuuji@0 763 assurances of licenses to be made available, or the result of an
yuuji@0 764 attempt made to obtain a general license or permission for the use of
yuuji@0 765 such proprietary rights by implementers or users of this
yuuji@0 766 specification can be obtained from the IETF on-line IPR repository at
yuuji@0 767 http://www.ietf.org/ipr.
yuuji@0 768
yuuji@0 769 The IETF invites any interested party to bring to its attention any
yuuji@0 770 copyrights, patents or patent applications, or other proprietary
yuuji@0 771 rights that may cover technology that may be required to implement
yuuji@0 772 this standard. Please address the information to the IETF at
yuuji@0 773 ietf-ipr@ietf.org.
yuuji@0 774
yuuji@0 775 Acknowledgement
yuuji@0 776
yuuji@0 777 Funding for the RFC Editor function is provided by the IETF
yuuji@0 778 Administrative Support Activity (IASA).
yuuji@0 779
yuuji@0 780
yuuji@0 781
yuuji@0 782
yuuji@0 783
yuuji@0 784
yuuji@0 785
yuuji@0 786 Newman Standards Track [Page 14]
yuuji@0 787

UW-IMAP'd extensions by yuuji