Discussion of OCP/SMTP profile and some Use cases Presented by Abbie Barbir
August 3, OCP Recap
August 3, OCP Building Blocks
August 3, OCP/SMTP Profile Defines a profile for the OCP core that allows to handle SMTP messages OCP has a feature to negotiate profiles between client and server SMTP profile may have additional parameters/options that can be used in the negotiation process Focus is on adaptation of RFC 2822 formatted messages
August 3, Uses Cases 1/2 Use Case 1: MTA at a corporate gateway handles outgoing mail traffic In "MAIL FROM:" command it gets the sender's address Before replying to this command (allow/deny) it sends an OCP request to an OPES service that checks in the corporate directory service whether that employee is allowed to send mails to the Internet Depending on the OCP response the MTA replies in the SMTP dialog with allow or deny Use Case 2: The other way around The MTA sends OCP requests for all "RCPT TO:" commands for incoming messages and asks the OPES service whether the recipient exists and is allowed to receive
August 3, Uses Cases 2/2 Use Case 3: Sender validation via OPES OPES service checks sender IP, HELO command, resolves the sender address etc. This may tell the MTA not to accept the message for delivery Could even be done asynchronously for some parts, i.e. sending the OCP request after HELO or MAIL FROM and continuing to handle recipients and to receive the mail body The response needs to be there before the message gets finally accepted
August 3, OCP/SMTP Profile … Some metadata from the SMTP dialog may need to be transferred from the OCP client to the OCP Sever e.g. –The values of the "MAIL FROM" and "RCPT TO" commands are often needed to determine the real sender and recipient of the messages (not relying on the visible data in the message header) –Need to define the extent of the SMTP profile for OCP and decide if it is allowed to adapt SMTP commands themselves
August 3, Which SMTP element? WG will focus on Message Transfer Agent (MTA) to be the first target for OCP client implementers Need to determine whether this can/should be extended to usage in –Mail user agent (MUA) –Mail Submission Agent (MSA)
August 3, Some Open Issues/Problems SMTP messages can have multiple recipients The callout server may need to apply different filtering policies to different recipients For example: The callout server does language translation to the native language of the recipient If a message from an English sender is sent to two French and one German recipients, two copies of the message are needed The OCP callout server has to tell the OCP client that multiple copies will be returned and to which recipient a copy should be sent An additional problem is the creation of end use error messages, if these messages are not only sent to the recipients but also to the sender and/or postmaster
August 3, Some Open Issues/Problems… WG needs to decide whether the creation of a MIME profile could be a side effect of the SMTP profile work or whether the SMTP profile can be structured in a way that allows easy definition of OCP/MIME at a later time Need to determine how this will fit with IAB consideration for OPES RFC, for example: –How tracing will be addressed –Tracking of performed adaptations/Bypass Privacy Issues
August 3, Q&A