[Docs] [txt|pdf|xml|html] [Tracker] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02 03 04 05 RFC 5248

Network Working Group                                          T. Hansen
Internet-Draft                                         AT&T Laboratories
Updates: 3463,4468,4954                                       J. Klensin
(if approved)                                             April 18, 2008
Intended status: Standards Track
Expires: October 20, 2008


         A Registry for SMTP Enhanced Mail System Status Codes
                draft-hansen-4468upd-mailesc-registry-05

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on October 20, 2008.

Abstract

   The specification for enhanced mail system enhanced status codes, RFC
   3463, establishes a new code model and lists a collection of status
   codes.  While it anticipated that more codes would be added over
   time, it did not provide an explicit mechanism for registering and
   tracking those codes.  This document specifies an IANA registry for
   mail system enhanced status codes, and initializes that registry with
   the codes so far established in published standards-track documents,
   as well as other codes that have become established in the industry.





Hansen & Klensin        Expires October 20, 2008                [Page 1]

Internet-Draft     SMTP Enhanced Status Code Registry         April 2008


Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  3
     2.1.  SMTP Enhanced Status Codes Registry  . . . . . . . . . . .  3
     2.2.  Review Process for New Values  . . . . . . . . . . . . . .  5
     2.3.  Registration Updates . . . . . . . . . . . . . . . . . . .  5
     2.4.  Initial Values . . . . . . . . . . . . . . . . . . . . . .  5
   3.  Security Considerations  . . . . . . . . . . . . . . . . . . .  9
   4.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . .  9
   5.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 10
     5.1.  Normative References . . . . . . . . . . . . . . . . . . . 10
     5.2.  Informative References . . . . . . . . . . . . . . . . . . 10
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 10
   Intellectual Property and Copyright Statements . . . . . . . . . . 12




































Hansen & Klensin        Expires October 20, 2008                [Page 2]

Internet-Draft     SMTP Enhanced Status Code Registry         April 2008


1.  Introduction

   Enhanced Status Codes for SMTP were first defined in [RFC1893],
   subsequently replaced by [RFC3463].  While it anticipated that more
   codes would be added over time (see its Section 2), it did not
   provide an explicit mechanism for registering and tracking those
   codes.  Since that time, various RFCs have been published and
   internet drafts proposed that define further status codes.  However,
   without an IANA registry, conflicts in definitions have begun to
   appear.

   This RFC defines such an IANA registry and was written to help
   prevent further conflicts from appearing in the future.  It
   initializes the registry with the established standards-track
   enhanced status codes from [RFC3463], [RFC3886], [RFC4468] and
   [RFC4954].  In addition, several codes are added that were
   established by various internet drafts and have come into common use,
   despite the expiration of the documents themselves.

   As specified in [RFC3463], an enhanced status code consists of a
   three-part code, with each part being numeric and separated by a
   period character.  The three portions are known as the class sub-
   code, the subject sub-code, and the detail sub-code.  In the tables,
   a wildcard for the class sub-code is represented by an X, a wildcard
   for a subject sub-code is represented by a XXX, and a wildcard for a
   detail sub-code is represented by an YYY.  For example, 3.XXX.YYY has
   an unspecified subject sub-code and an unspecified status code, and
   X.5.0 is has an unspecified class sub-code.  (This is a change from
   [RFC3463], which uses XXX for both the subject sub-code and detail
   sub-code wildcards.)

   This document is being discussed on the SMTP mailing list,
   ietf-smtp@imc.org.  (RFC EDITOR NOTE: Remove this paragraph on
   publication.)


2.  IANA Considerations

2.1.  SMTP Enhanced Status Codes Registry

   IANA is directed to create the registry "SMTP Enhanced Status Codes".
   The Mail Enhanced Status Codes registry will have three tables:

   o  Class Sub-Codes.  Each of the entries in this table represent
      class sub-codes and all have an unspecified subject sub-code and
      an unspecified detail sub-code.





Hansen & Klensin        Expires October 20, 2008                [Page 3]

Internet-Draft     SMTP Enhanced Status Code Registry         April 2008


   o  Subject Sub-Codes.  Each of the entries in this table represent
      subject sub-codes and all have an unspecified class sub-code and
      an unspecified detail sub-code.
   o  Enumerated Status Codes.  Each of the entries in this table
      represent the combination of a subject sub-code and a detail sub-
      code.  All entries will have an unspecified class sub-code, a
      specified subject sub-code, and a specified detail sub-code.

   Each entry in the tables will include the following.  (The sub-code
   tables will not have the Associated Basic Status Code entries.)

   Code:                         The status code.  For example,
                                 3.XXX.YYY is a class sub-code with an
                                 unspecified subject sub-code and an
                                 unspecified detail sub-code, and X.5.0
                                 is an enumerated status code with an
                                 unspecified class sub-code.
   Summary: or Sample Text:      For class and subject sub-codes, this
                                 is the summary of the use for the sub-
                                 code shown in section 2 of [RFC3463].
                                 For enumerated status codes, this is an
                                 example of a message that might be sent
                                 along with the code.
   Associated Basic Status Code: For enumerated status codes, the basic
                                 status code(s) of [RFC2821] with which
                                 it is usually associated.  This may
                                 also have a value such as "Any" or "Not
                                 given".  NOTE: This is a non-exclusive
                                 list.  In particular, the entries that
                                 list some basic status codes for an
                                 Enhanced Status Code might allow for
                                 other basic status codes, while the
                                 entries denoted "Not given" can be
                                 filled in by updating the IANA registry
                                 through updates to this document or at
                                 the direction of the IESG.
   Description:                  A short description of the code.
   Reference:                    A reference to the document in which
                                 the code is defined.  This reference
                                 should note whether the relevant
                                 specification is standards-track or not
                                 using "(Standards track)" or "(Not
                                 standards track)".
   Submitter:                    The identity of the submitter, usually
                                 the document author.






Hansen & Klensin        Expires October 20, 2008                [Page 4]

Internet-Draft     SMTP Enhanced Status Code Registry         April 2008


   Change Controller:            The identity of the change controller
                                 for the specification.  This will be
                                 "IESG" in the case of IETF-produced
                                 documents.

   An example of an entry in the enumerated status code table would be:

   Code:               X.0.0
   Sample Text:        Other undefined Status
   Associated basic status code:  Any
   Description:        Other undefined status is the only undefined
                       error code.  It should be used for all errors for
                       which only the class of the error is known.
   Reference:          RFC 3463.  (Standards track)
   Submitter:          G. Vaudreuil
   Change controller:  IESG.

2.2.  Review Process for New Values

   Entries in this registry are expected to follow the "Specification
   Required" model ([RFC2434]) although, in practice, most entries are
   expected to derive from standards-track documents.  Non-standards-
   track documents that specify codes to be registered should be readily
   available.  The principal purpose of this registry is to avoid
   confusion and conflicts among different definitions or uses for the
   same code.

   The procedures from [RFC4020] may be followed to pre-allocate an
   Enhanced Status Code before final publication of an internet draft.

2.3.  Registration Updates

   Standards-track registrations may be updated if the relevant
   standards are updated as a consequence of that action.  Non-
   standards-track entries may be updated by the listed responsible
   party.  Only the entry's short description or references may be
   modified in this way, not the code or associated text.  In
   exceptional cases, any aspect of any registered entity may be updated
   at the direction of the IESG (for example, to correct a conflict).

2.4.  Initial Values

   The initial values for the class and subject sub-code tables are to
   be populated from section 2 of [RFC3463].  Specifically, these are
   the values for 2.XXX.YYY, 4.XXX.YYY and 5.XXX.YYY for the Class Sub-
   Code table, and the values X.0.YYY, X.1.YYY, X.2.YYY, X.3.YYY,
   X.4.YYY, X.5.YYY, X.6.YYY and X.7.YYY for the Subject Sub-Code table.
   The code, sample text and description for each entry are to be taken



Hansen & Klensin        Expires October 20, 2008                [Page 5]

Internet-Draft     SMTP Enhanced Status Code Registry         April 2008


   from [RFC3463].  Each entry is to use [RFC3463] as the reference,
   submitted by G. Vaudreuil, and change controlled by IESG.  There are
   no associated detail sub-code values for the class and subject sub-
   code tables.

   The initial values for the Enumerated Status Code table is to be
   populated from:

   1.  sections 3.1 through 3.8 of [RFC3463], (X.0.0, X.1.0 through
       X.1.8, X.2.0 through X.2.4, X.3.0 through X.3.5, X.4.0 through
       X.4.7, X.5.0 through X.5.5, X.6.0 through X.6.5, and X.7.0
       through X.7.7)
   2.  section 3.3.4 of [RFC3886] (X.1.9),
   3.  X.6.6 found in section 5 of [RFC4468], (but not X.7.8 found in
       the same section),
   4.  and X.5.6, X.7.8, X.7.9, X.7.11 and X.7.12, found in section 6 of
       [RFC4954].

   Each entry is to be designated as defined in the corresponding RFC,
   submitted by the corresponding RFC author, and change controlled by
   the IESG.  Each of the above RFCs is a standards track document.

   The initial values for the Associated Basic Status Code for each of
   the above initial enhanced status codes is given in the following
   table.

   As noted above, this table is incomplete.  In particular, the entries
   that have some basic status codes might allow for other detail sub-
   status codes, while the entries denoted "Not given" can be filled in
   by updating the IANA registry through updates to this document or at
   the direction of the IESG.




















Hansen & Klensin        Expires October 20, 2008                [Page 6]

Internet-Draft     SMTP Enhanced Status Code Registry         April 2008


   +--------+---------+--------+-------------+--------+----------------+
   | Enh.   | Assoc.  | Enh.   | Assoc.      | Enh.   | Assoc.  Basic  |
   | Status | Basic   | Status | Basic       | Status | Status Code    |
   | Code   | Status  | Code   | Status Code | Code   |                |
   |        | Code    |        |             |        |                |
   +--------+---------+--------+-------------+--------+----------------+
   | X.0.0  | Any     | X.1.0  | Not given   | X.1.1  | 451, 550       |
   | X.1.2  | Not     | X.1.3  | 501         | X.1.4  | Not given      |
   |        | given   |        |             |        |                |
   | X.1.5  | 250     | X.1.6  | Not given   | X.1.7  | Not given      |
   | X.1.8  | 451,    | X.2.0  | Not given   | X.2.1  | Not given      |
   |        | 501     |        |             |        |                |
   | X.2.2  | 552     | X.2.3  | 552         | X.2.4  | 450, 452       |
   | X.3.0  | 221,    | X.3.1  | 452         | X.3.2  | 453            |
   |        | 250,    |        |             |        |                |
   |        | 421,    |        |             |        |                |
   |        | 451,    |        |             |        |                |
   |        | 550,    |        |             |        |                |
   |        | 554     |        |             |        |                |
   | X.3.3  | Not     | X.3.4  | 552, 554    | X.3.5  | Not given      |
   |        | given   |        |             |        |                |
   | X.4.0  | Not     | X.4.1  | 451         | X.4.2  | 421            |
   |        | given   |        |             |        |                |
   | X.4.3  | 451,    | X.4.4  | Not given   | X.4.5  | 451            |
   |        | 550     |        |             |        |                |
   | X.4.6  | Not     | X.4.7  | Not given   | X.5.0  | 220, 250, 251, |
   |        | given   |        |             |        | 252, 253, 451, |
   |        |         |        |             |        | 452, 454, 458, |
   |        |         |        |             |        | 459, 501, 502, |
   |        |         |        |             |        | 503, 554       |
   | X.5.1  | 430,    | X.5.2  | 500, 501,   | X.5.3  | 451            |
   |        | 500,    |        | 502, 550,   |        |                |
   |        | 501,    |        | 555         |        |                |
   |        | 503,    |        |             |        |                |
   |        | 530,    |        |             |        |                |
   |        | 550,    |        |             |        |                |
   |        | 554,    |        |             |        |                |
   |        | 555     |        |             |        |                |
   | X.5.4  | 451,    | X.5.5  | Not given   | X.5.6  | 500            |
   |        | 501,    |        |             |        |                |
   |        | 502,    |        |             |        |                |
   |        | 503,    |        |             |        |                |
   |        | 504,    |        |             |        |                |
   |        | 550,    |        |             |        |                |
   |        | 555     |        |             |        |                |
   | X.6.0  | Not     | X.6.1  | Not given   | X.6.2  | Not given      |
   |        | given   |        |             |        |                |
   | X.6.3  | 554     | X.6.4  | 250         | X.6.5  | Not given      |



Hansen & Klensin        Expires October 20, 2008                [Page 7]

Internet-Draft     SMTP Enhanced Status Code Registry         April 2008


   | X.6.6  | 554     | X.7.0  | 220, 235,   | X.7.1  | 451, 454, 502, |
   |        |         |        | 450, 454,   |        | 503, 533, 550, |
   |        |         |        | 500, 501,   |        | 551            |
   |        |         |        | 503, 504,   |        |                |
   |        |         |        | 530, 535,   |        |                |
   |        |         |        | 550         |        |                |
   | X.7.2  | 550     | X.7.3  | Not given   | X.7.4  | 504            |
   | X.7.5  | Not     | X.7.6  | Not given   | X.7.7  | Not given      |
   |        | given   |        |             |        |                |
   | X.7.8  | 535,    | X.7.9  | 534         | X.7.11 | 524, 538       |
   |        | 554     |        |             |        |                |
   | X.7.12 | 422,    |        |             |        |                |
   |        | 432     |        |             |        |                |
   +--------+---------+--------+-------------+--------+----------------+

                                  Table 1

   The following additional definitions are to be registered in the
   enumerated status code table.  These entries have been used in the
   industry without any published specification.  (RFC EDITOR NOTE:
   change XXXX below to this document's RFC number.)

   Code:               X.7.10
   Sample Text:        Encryption Needed
   Associated basic status code:  523
   Description:        This indicates that external strong privacy layer
                       is needed in order to use the requested
                       authentication mechanism.  This is primarily
                       intended for use with clear text authentication
                       mechanisms.  A client which receives this may
                       activate a security layer such as TLS prior to
                       authenticating, or attempt to use a stronger
                       mechanism.
   Reference:          RFC XXXX.  (Standards track)
   Submitter:          T. Hansen, J. Klensin
   Change controller:  IESG.

   Code:               X.7.13
   Sample Text:        User Account Disabled
   Associated basic status code:  525
   Description:        Sometimes a system administrator will have to
                       disable a user's account (e.g., due to lack of
                       payment, abuse, evidence of a break-in attempt,
                       etc).  This error code occurs after a successful
                       authentication to a disabled account.  This
                       informs the client that the failure is permanent
                       until the user contacts their system
                       administrator to get the account re-enabled.  It



Hansen & Klensin        Expires October 20, 2008                [Page 8]

Internet-Draft     SMTP Enhanced Status Code Registry         April 2008


                       differs from a generic authentication failure
                       where the client's best option is to present the
                       passphrase entry dialog in case the user simply
                       mistyped their passphrase.
   Reference:          RFC XXXX.  (Standards track)
   Submitter:          T. Hansen, J. Klensin
   Change controller:  IESG.

   Code:               X.7.14
   Sample Text:        Trust relationship required
   Associated basic status code:  535, 554
   Description:        The submission server requires a configured trust
                       relationship with a third-party server in order
                       to access the message content.  This value
                       replaces the prior use of X.7.8 for this error
                       condition. thereby updating [RFC4468].
   Reference:          RFC XXXX.  (Standards track)
   Submitter:          T. Hansen, J. Klensin
   Change controller:  IESG.


3.  Security Considerations

   As stated in [RFC1893], use of enhanced status codes may disclose
   additional information about how an internal mail system is
   implemented beyond that available through the SMTP status codes.

   Many proposed additions to the response code list are security
   related.  Having these registered in one place to prevent collisions
   will improve their value.  Security error responses can leak
   information to active attackers (e.g., the distinction between "user
   not found" and "bad password" during authentication).  Documents
   defining security error codes should make it clear when this is the
   case so SMTP server software subject to such threats can provide
   appropriate controls to restrict exposure.


4.  Acknowledgements

   While the need for this registry should have become clear shortly
   after [RFC3463] was approved, the growth of the code table through
   additional documents and work done as part of email
   internationalization and [RFC2821] updating efforts made the
   requirement much more clear.  The comments of the participants in
   those efforts are gratefully acknowledged, particularly the members
   of the ietf-smtp@imc.org mailing list.  Chris Newman and Randy
   Gellens provided useful comments and some text for early versions of
   the document.



Hansen & Klensin        Expires October 20, 2008                [Page 9]

Internet-Draft     SMTP Enhanced Status Code Registry         April 2008


5.  References

5.1.  Normative References

   [RFC3463]  Vaudreuil, G., "Enhanced Mail System Status Codes",
              RFC 3463, January 2003.

   [RFC2821]  Klensin, J., "Simple Mail Transfer Protocol", RFC 2821,
              April 2001.

   [RFC3886]  Allman, E., "An Extensible Message Format for Message
              Tracking Responses", RFC 3886, September 2004.

   [RFC4020]  Kompella, K. and A. Zinin, "Early IANA Allocation of
              Standards Track Code Points", BCP 100, RFC 4020,
              February 2005.

   [RFC4468]  Newman, C., "Message Submission BURL Extension", RFC 4468,
              May 2006.

   [RFC4954]  Siemborski, R. and A. Melnikov, "SMTP Service Extension
              for Authentication", RFC 4954, July 2007.

5.2.  Informative References

   [RFC1893]  Vaudreuil, G., "Enhanced Mail System Status Codes",
              RFC 1893, January 1996.

   [RFC2434]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs", BCP 26, RFC 2434,
              October 1998.


Authors' Addresses

   Tony Hansen
   AT&T Laboratories
   200 Laurel Ave.
   Middletown, NJ  07748
   USA

   Email: tony+mailesc@maillennium.att.com









Hansen & Klensin        Expires October 20, 2008               [Page 10]

Internet-Draft     SMTP Enhanced Status Code Registry         April 2008


   John C Klensin
   1770 Massachusetts Ave, Ste 322
   Cambridge, MA  02140
   USA

   Phone: +1 617 245 1457
   Email: john+ietf@jck.com












































Hansen & Klensin        Expires October 20, 2008               [Page 11]

Internet-Draft     SMTP Enhanced Status Code Registry         April 2008


Full Copyright Statement

   Copyright (C) The IETF Trust (2008).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.











Hansen & Klensin        Expires October 20, 2008               [Page 12]


Html markup produced by rfcmarkup 1.107, available from http://tools.ietf.org/tools/rfcmarkup/