[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: What about an authenticated TURN command?
At 09:44 AM 6/9/97 -0700, Jeff Stephenson (Exchange) wrote:
>To kick off discussion on this topic, I'd like to state the problem that
>I think we're addressing on this list: providing a means within SMTP to
>dequeue mail from a server in a secure manner (i.e. not allowing others
>to receive the mail as TURN does) and in an environment which may
>involve dynamic IP addresses. The problem we've seen with ETRN is that
>a user connects to their ISP, gets a dynamically assigned IP address,
>issues an ETRN, and then (for whatever reason) loses their connection.
>If another user connects at that time, they can get the previous user's
>IP address and, because the tables on the ISP haven't yet been updated,
>the ETRN connects to that new user and delivers the old user's mail.
>It seems to me that an SMTP extension which is basically TURN over an
>authenticated SMTP connection (call it ATRN for now) would solve the
>problem nicely. An SMTP client would issue the command
> ATRN [optional list of mailbox addresses or domains]
>when it wished to dequeue mail for either the domain specified in the
>initial EHLO (if the ATRN command had no parameters) or for the optional
>list of mailboxes and domains.
Sounds like a good approach. However:
1) This would put the bulk of the waiting behind the SMTP-SASL/SMTP-TLS
support. I.e. that would have to be finalized before we could get our
2) Some systems do not have the option of sending the mail right away
over the same connection. We would have to further design an approach
where we could handle those.
Basically, ETRN was put in there to kick the other queue. I agree that
dynamic IP addresses put a kick into the entire thing.
I guess a basic question to start would be: Is a dynamic address something
that is okay for a mail server to have?
Jack De Winter - Wildbear Consulting, Inc.
(519) 884-4498 http://www.wildbear.on.ca/
Author of SLMail for 95 & NT (http://www.seattlelab.com/)