[Docs] [txt|pdf|xml|html] [Tracker] [Email] [Diff1] [Diff2] [Nits]
Versions: 00 01 02 03 04 05 RFC 5248
Network Working Group T. Hansen
Internet-Draft AT&T Laboratories
Updates: 3463,4468,4954 J. Klensin
(if approved) February 25, 2008
Intended status: Standards Track
Expires: August 28, 2008
A Registry for SMTP Enhanced Mail System Status Codes
draft-hansen-4468upd-mailesc-registry-04
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on August 28, 2008.
Copyright Notice
Copyright (C) The IETF Trust (2008).
Abstract
The specification for enhanced mail system enhanced status codes, RFC
3463, establishes a new code model and lists a collection of status
codes. While it anticipated that more codes would be added over
time, it did not provide an explicit mechanism for registering and
tracking those codes. This document specifies an IANA registry for
mail system enhanced status codes, and initializes that registry with
Hansen & Klensin Expires August 28, 2008 [Page 1]
Internet-Draft SMTP Enhanced Status Code Registry February 2008
the codes so far established in published standards-track documents,
as well as other codes that have become established in the industry.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3
2.1. SMTP Enhanced Status Codes Registry . . . . . . . . . . . 3
2.2. Review Process for New Values . . . . . . . . . . . . . . 4
2.3. Registration Updates . . . . . . . . . . . . . . . . . . . 5
2.4. Initial Values . . . . . . . . . . . . . . . . . . . . . . 5
3. Security Considerations . . . . . . . . . . . . . . . . . . . 8
4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 8
5. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9
5.1. Normative References . . . . . . . . . . . . . . . . . . . 9
5.2. Informative References . . . . . . . . . . . . . . . . . . 9
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 9
Intellectual Property and Copyright Statements . . . . . . . . . . 11
Hansen & Klensin Expires August 28, 2008 [Page 2]
Internet-Draft SMTP Enhanced Status Code Registry February 2008
1. Introduction
Enhanced Status Codes for SMTP were first defined in [RFC1893],
subsequently replaced by [RFC3463]. While it anticipated that more
codes would be added over time (see its Section 2), it did not
provide an explicit mechanism for registering and tracking those
codes. Since that time, various RFCs have been published and
internet drafts proposed that define further status codes. However,
without an IANA registry, conflicts in definitions have begun to
appear.
This RFC defines such an IANA registry and was written to help
prevent further conflicts from appearing in the future. It
initializes the registry with the established standards-track
enhanced status codes from [RFC3463], [RFC3886], [RFC4468] and
[RFC4954]. In addition, several codes are added that were
established by various internet drafts and have come into common use,
despite the expiration of the documents themselves.
NOTE: The values given in Table 1 below are incomplete. The entries
denoted "Not given" should be filled in better. (RFC EDITOR NOTE:
Remove this paragraph on publication.)
This document is being discussed on the SMTP mailing list,
ietf-smtp@imc.org. (RFC EDITOR NOTE: Remove this paragraph on
publication.)
2. IANA Considerations
2.1. SMTP Enhanced Status Codes Registry
IANA is directed to create the registry "SMTP Enhanced Status Codes".
The Mail Enhanced Status Codes registry will have three tables:
o class sub-code,
o subject sub-code, and
o enumerated status codes, which have an unspecified class sub-code,
a specified subject sub-code, and a specified detail sub-code.
Each entry in the tables will include the following. (The sub-code
tables will not have the Associated Basic Status Code entries.)
Code: The sub-code or enumerated status code,
which will be a numeric code consisting
of three components, as specified in
[RFC3463].
Hansen & Klensin Expires August 28, 2008 [Page 3]
Internet-Draft SMTP Enhanced Status Code Registry February 2008
Summary: or Sample Text: For class and subject sub-codes, this
is the summary of the use for the sub-
code shown in section 2 of [RFC3463].
For enumerated status codes, this is an
example of a message that might be sent
along with the code.
Associated Basic Status Code: For enumerated status codes, the basic
status code(s) of [RFC2821] with which
it is usually associated. This may
also have a value such as "Any" or "Not
given". NOTE: This is a non-exclusive
list.
Description: A short description of the code.
Defined: A reference to the document in which
the code is defined. This reference
should note whether the relevant
specification is standards-track or not
using "(Standards track)" or "(Not
standards track)".
Submitter: The identity of the submitter, usually
the document author.
Change Controller: The identity of the change controller
for the specification. This will be
"IESG" in the case of IETF-produced
documents.
An example of an entry in the enumerated status code table would be:
Code: X.0.0
Sample Text: Other undefined Status
Associated basic status code: Any
Description: Other undefined status is the only undefined
error code. It should be used for all errors for
which only the class of the error is known.
Defined: RFC 3463. (Standards track)
Submitter: G. Vaudreuil
Change controller: IESG.
2.2. Review Process for New Values
Entries in this registry are expected to follow the "Specification
Required" model ([RFC2434]) although, in practice, most entries are
expected to derive from standards-track documents. Non-standards-
track documents that specify codes to be registered should be readily
available. The principal purpose of this registry is to avoid
confusion and conflicts among different definitions or uses for the
same code.
Hansen & Klensin Expires August 28, 2008 [Page 4]
Internet-Draft SMTP Enhanced Status Code Registry February 2008
The procedures from [RFC4020] may be followed to pre-allocate an
Enhanced Status Code before final publication of an internet draft.
2.3. Registration Updates
Standards-track registrations may be updated if the relevant
standards are updated as a consequence of that action. Non-
standards-track entries may be updated by the listed responsible
party. Only the entry's short description or references may be
modified in this way, not the code or associated text. In
exceptional cases, any aspect of any registered entity may be updated
at the direction of the IESG (for example, to correct a conflict).
2.4. Initial Values
The initial values for the class and subject sub-code tables are to
be populated from section 2 of [RFC3463]. Specifically, these are
the values for 2.X.XXX, 4.X.XXX and 5.X.XXX for the class sub-code
table, and the values X.0.XXX, X.1.XXX, X.2.XXX, X.3.XXX, X.4.XXX,
X.5.XXX, X.6.XXX and X.7.XXX for the subject sub-code table. The
code, sample text and description for each entry are to be taken from
[RFC3463]. Each entry is to be designated as defined in [RFC3463],
submitted by G. Vaudreuil, and change controlled by IESG. There are
no associated basic status code values for the class and subject sub-
code tables.
The initial values for the enumerated status code table is to be
populated from:
1. sections 3.1 through 3.8 of [RFC3463], (X.0.0, X.1.0 through
X.1.8, X.2.0 through X.2.4, X.3.0 through X.3.5, X.4.0 through
X.4.7, X.5.0 through X.5.5, X.6.0 through X.6.5, and X.7.0
through X.7.7)
2. section 3.3.4 of [RFC3886] (X.1.9),
3. X.6.6 found in section 5 of [RFC4468],
4. and X.5.6, X.7.8, X.7.9, X.7.11 and X.7.12, found in section 6 of
[RFC4954].
Each entry is to be designated as defined in the corresponding RFC,
submitted by the corresponding RFC author, and change controlled by
the IESG. Each of the above RFCs is a standards track document.
The initial values for the Associated Basic Status Code for each of
the above initial enhanced status codes is given in the following
table.
NOTE: This table is incomplete. The entries denoted "Not given"
should be filled in better. (RFC EDITOR NOTE: Remove this note on
Hansen & Klensin Expires August 28, 2008 [Page 5]
Internet-Draft SMTP Enhanced Status Code Registry February 2008
publication.)
+--------+---------+--------+-------------+--------+----------------+
| Enh. | Assoc. | Enh. | Assoc. | Enh. | Assoc. Basic |
| Status | Basic | Status | Basic | Status | Status Code |
| Code | Status | Code | Status Code | Code | |
| | Code | | | | |
+--------+---------+--------+-------------+--------+----------------+
| X.0.0 | Any | X.1.0 | Not given | X.1.1 | 451, 550 |
| X.1.2 | Not | X.1.3 | 501 | X.1.4 | Not given |
| | given | | | | |
| X.1.5 | 250 | X.1.6 | Not given | X.1.7 | Not given |
| X.1.8 | 451, | X.2.0 | Not given | X.2.1 | Not given |
| | 501 | | | | |
| X.2.2 | 552 | X.2.3 | 552 | X.2.4 | 450, 452 |
| X.3.0 | 221, | X.3.1 | 452 | X.3.2 | 453 |
| | 250, | | | | |
| | 421, | | | | |
| | 451, | | | | |
| | 550, | | | | |
| | 554 | | | | |
| X.3.3 | Not | X.3.4 | 552, 554 | X.3.5 | Not given |
| | given | | | | |
| X.4.0 | Not | X.4.1 | 451 | X.4.2 | 421 |
| | given | | | | |
| X.4.3 | 451, | X.4.4 | Not given | X.4.5 | 451 |
| | 550 | | | | |
| X.4.6 | Not | X.4.7 | Not given | X.5.0 | 220, 250, 251, |
| | given | | | | 252, 253, 451, |
| | | | | | 452, 454, 458, |
| | | | | | 459, 501, 502, |
| | | | | | 503, 554 |
| X.5.1 | 430, | X.5.2 | 500, 501, | X.5.3 | 451 |
| | 500, | | 502, 550, | | |
| | 501, | | 555 | | |
| | 503, | | | | |
| | 530, | | | | |
| | 550, | | | | |
| | 554, | | | | |
| | 555 | | | | |
| X.5.4 | 451, | X.5.5 | Not given | X.5.6 | 500 |
| | 501, | | | | |
| | 502, | | | | |
| | 503, | | | | |
| | 504, | | | | |
| | 550, | | | | |
| | 555 | | | | |
Hansen & Klensin Expires August 28, 2008 [Page 6]
Internet-Draft SMTP Enhanced Status Code Registry February 2008
| X.6.0 | Not | X.6.1 | Not given | X.6.2 | Not given |
| | given | | | | |
| X.6.3 | 554 | X.6.4 | 250 | X.6.5 | Not given |
| X.6.6 | 554 | X.7.0 | 220, 235, | X.7.1 | 451, 454, 502, |
| | | | 450, 454, | | 503, 533, 550, |
| | | | 500, 501, | | 551 |
| | | | 503, 504, | | |
| | | | 530, 535, | | |
| | | | 550 | | |
| X.7.2 | 550 | X.7.3 | Not given | X.7.4 | 504 |
| X.7.5 | Not | X.7.6 | Not given | X.7.7 | Not given |
| | given | | | | |
| X.7.8 | 535, | X.7.9 | 534 | X.7.11 | 524, 538 |
| | 554 | | | | |
| X.7.12 | 422, | | | | |
| | 432 | | | | |
+--------+---------+--------+-------------+--------+----------------+
Table 1
The following additional definitions are to be registered in the
enumerated status code table. These entries have been used in the
industry without any published specification. (RFC EDITOR NOTE:
change XXXX below to this document's RFC number.)
Code: X.7.10
Sample Text: Encryption Needed
Associated basic status code: 523
Description: This indicates that external strong privacy layer
is needed in order to use the requested
authentication mechanism. This is primarily
intended for use with clear text authentication
mechanisms. A client which receives this may
activate a security layer such as TLS prior to
authenticating, or attempt to use a stronger
mechanism.
Defined: RFC XXXX. (Standards track)
Submitter: T. Hansen, J. Klensin
Change controller: IESG.
Code: X.7.13
Sample Text: User Account Disabled
Associated basic status code: 525
Description: Sometimes a system administrator will have to
disable a user's account (e.g., due to lack of
payment, abuse, evidence of a break-in attempt,
etc). This error code occurs after a successful
authentication to a disabled account. This
Hansen & Klensin Expires August 28, 2008 [Page 7]
Internet-Draft SMTP Enhanced Status Code Registry February 2008
informs the client that the failure is permanent
until the user contacts their system
administrator to get the account re-enabled. It
differs from a generic authentication failure
where the client's best option is to present the
passphrase entry dialog in case the user simply
mistyped their passphrase.
Defined: RFC XXXX. (Standards track)
Submitter: T. Hansen, J. Klensin
Change controller: IESG.
Code: X.7.14
Sample Text: Trust relationship required
Associated basic status code: 535, 554
Description: The submission server requires a configured trust
relationship with a third-party server in order
to access the message content. This value
replaces the prior use of X.7.8 for this error
condition. thereby updating [RFC4468].
Defined: RFC XXXX. (Standards track)
Submitter: T. Hansen, J. Klensin
Change controller: IESG.
3. Security Considerations
As stated in [RFC1893], use of enhanced status codes may disclose
additional information about how an internal mail system is
implemented beyond that available through the SMTP status codes.
Many proposed additions to the response code list are security
related. Having these registered in one place to prevent collisions
will improve their value. Security error responses can leak
information to active attackers (e.g., the distinction between "user
not found" and "bad password" during authentication). Documents
defining security error codes should make it clear when this is the
case so SMTP server software subject to such threats can provide
appropriate controls to restrict exposure.
4. Acknowledgements
While the need for this registry should have become clear shortly
after [RFC3463] was approved, the growth of the code table through
additional documents and work done as part of email
internationalization and [RFC2821] updating efforts made the
requirement much more clear. The comments of the participants in
those efforts are gratefully acknowledged, particularly the members
Hansen & Klensin Expires August 28, 2008 [Page 8]
Internet-Draft SMTP Enhanced Status Code Registry February 2008
of the ietf-smtp@imc.org mailing list. Chris Newman and Randy
Gellens provided useful comments and some text for early versions of
the document.
5. References
5.1. Normative References
[RFC3463] Vaudreuil, G., "Enhanced Mail System Status Codes",
RFC 3463, January 2003.
[RFC2821] Klensin, J., "Simple Mail Transfer Protocol", RFC 2821,
April 2001.
[RFC3886] Allman, E., "An Extensible Message Format for Message
Tracking Responses", RFC 3886, September 2004.
[RFC4020] Kompella, K. and A. Zinin, "Early IANA Allocation of
Standards Track Code Points", BCP 100, RFC 4020,
February 2005.
[RFC4468] Newman, C., "Message Submission BURL Extension", RFC 4468,
May 2006.
[RFC4954] Siemborski, R. and A. Melnikov, "SMTP Service Extension
for Authentication", RFC 4954, July 2007.
5.2. Informative References
[RFC1893] Vaudreuil, G., "Enhanced Mail System Status Codes",
RFC 1893, January 1996.
[RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 2434,
October 1998.
Authors' Addresses
Tony Hansen
AT&T Laboratories
200 Laurel Ave.
Middletown, NJ 07748
USA
Email: tony+mailesc@maillennium.att.com
Hansen & Klensin Expires August 28, 2008 [Page 9]
Internet-Draft SMTP Enhanced Status Code Registry February 2008
John C Klensin
1770 Massachusetts Ave, Ste 322
Cambridge, MA 02140
USA
Phone: +1 617 245 1457
Email: john+ietf@jck.com
Hansen & Klensin Expires August 28, 2008 [Page 10]
Internet-Draft SMTP Enhanced Status Code Registry February 2008
Full Copyright Statement
Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Acknowledgment
Funding for the RFC Editor function is provided by the IETF
Administrative Support Activity (IASA).
Hansen & Klensin Expires August 28, 2008 [Page 11]
Html markup produced by rfcmarkup 1.129d, available from
https://tools.ietf.org/tools/rfcmarkup/