Mail Working Group Jack De Winter, Director Internet Draft Wildbear Consulting, Inc. Expires in six months SMTP Service Extension for Remote Message Queue Starting June 12, 1996 1. Status of this Memo This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." To learn the current status of any Internet-Draft, please check the "1id-abstracts.txt" listing contained in the Internet- Drafts Shadow Directories on ds.internic.net (US East Coast), nic.nordu.net (Europe), ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific Rim). 2. Abstract This memo defines an extension to the SMTP service whereby an SMTP client and server may interact to give the server an opportunity to start the processing of its queues for messages to go to a given host. This is an attempt to fix the security problems with the TURN by creating a new command ETRN that places the emphasis on the server instead of the connection. This extension is meant to be used in startup conditions as well as for mail nodes that have transient connections to their service providers. 3. Introduction The TURN command was a valid attempt to address the problem of having to start the processing for the mail queue on a remote machine. However, the TURN command presents a large security loophole. As there is no verification of the remote host name, the TURN command could be used by a rogue system to download the mail for a site other than itself. Therefore, this memo introduces the ETRN command. This command uses the mechanism defined in [4] to define extensions to the SMTP service whereby a client ("sender-SMTP") may request that the server ("receiver-SMTP") start the processing of its mail queues for messages that are waiting at the server for the client machine. If any messages are at the server for the client, then the server should create a new SMTP session and send the messages at that time. 4. Framework for the ETRN Extension The following service extension is therefore defined: (1) the name of the SMTP service extension is "Remote Queue Processing Declaration"; (2) the EHLO keyword value associated with this extension is "ETRN", with no associated parameters; (3) one additional verb, ETRN, with a single parameter that specifies the name of the client(s) to start processing for; (4) no additional SMTP verbs are defined by this extension. The remainder of this memo specifies how support for the extension affects the behavior of an SMTP client and server. 5. The Remote Queue Processing Declaration service extension To save money, many small companies want to only maintain transient connections to their service providers. In addition, there are some situations where the client sites depend on their mail arriving quickly, so forcing the queues on the server belonging to their service provider may be more desirable than waiting for the retry timeout to occur. Both of these situations could currently be fixed using the TURN command defined in [1], if it were not for a large security loophole in the TURN command. As it stands, the TURN command will reverse the direction of the SMTP connection and assume that the remote host is being honest about what its name is. The security loophole is that there is no documented stipulation for checking the authenticity of the remote host name, as given in the HELO or EHLO command. As such, most SMTP and ESMTP implementations do not implement the TURN command to avoid this security loophole. This has been addressed in the design of the ETRN command. This extended turn command was written with the points in the first paragraph in mind, yet paying attention to the problems that currently exist with the TURN command. The security loophole is avoided by asking the server to start a new connection aimed at the specified client. In this manner, the server has a lot more certainty that it is talking to the correct SMTP client. This mechanism can just be seen as a more immediate version of the retry queues that appear in most SMTP implementations. In addition, as this command will take a single parameter, the name of the remote host(s) to start the queues for, the server can decide whether it wishes to respect the request or deny it for any local administrative reasons. 6. Definitions Remote queue processing means that using an SMTP or ESMTP connection, the client may request that the server start to process parts of its messaging queue. This processing is performed using the existing SMTP infrastructure and will occur at some point after the processing is initiated. The server host is the node that is responding to the ETRN command. The client host is the node that is initiating the ETRN command. The remote host name is defined to be a plain-text field that specifies a name for the remote host(s). This remote host name may also include an alias for the specified remote host or special commands to identify other types of queues. 7. The extended ETRN command The extended ETRN command is issued by the client host when it wishes to start the SMTP queue processing of a given server host. The syntax of this command is as follows: ETRN [