[batv-tech] New version of batv available
Arvel Hathcock
arvel.hathcock at altn.com
Tue May 13 12:45:47 PDT 2008
Hi all!

If my memory serves, we released a version of MDaemon with BATV in Feb
2007 to a limited audience and then to the world in April 2007. Our
feedback since then has been tremendously positive. There is ZERO doubt
as to the effectiveness of this technique in detecting (and potentially
blocking) backscatter. We have only run into about three issues that I
remember:

(a) Some MTAs to which BATV-encoded rfc2821.mail values are submitted
perform "SMTP call-backs." Often the target MTAs for these call-backs
are unaware of the use of BATV or are unable to decode and verify the
BATV encoding. This is "solved" by instructing customers that they
should make _all_ their inbound MTAs BATV-aware.

(b) There is software out there that continues to make assumptions based
upon the rfc2821.mail value. Some older versions of my own software
were doing this! These assumptions are often improper (for example,
matching the rfc2821.mail value against the membership roll for a
mailing list). Often, acceptance or rejection of the message is based
upon these bogus assessments. The solution here is to educate and fix
such software. But, we've also had to institute a white-list so that
BATV encoding can be avoided when sending to certain problem sites.

(c) Some MTAs force the return-path value to all lower case. For
example (and this address is completely made up)
prvs=111234fdd=Arvel at altn.com becomes prvs=111234fdd=arvel at altn.com.
This ruins the encoding and causes any subsequent check of the address
to fail. This is bad news when an MTA does that and then turns around
and uses the changed address in an "SMTP call-back" operation. This
problem is "solved" by lower-casing all BATV "signer" input prior to
signing and lower-casing all BATV "verifier" input prior to verifying.

--
Arvel Hathcock, CEO
Alt-N Technologies, Ltd.
Trusted Messaging Solutions
------------------------------------------------------------
Powerful protection of Inbound and Outbound email traffic!
Free trial of SecurityGateway for Exchange/SMTP servers at
http://www.altn.com/Products/SecurityGateway-Email-Firewall/
------------------------------------------------------------
Dave Crocker wrote:
> Folks,
>
> Given how small the changes are, I'm going to suggest that the informal Last
> Call, for this mailing list, will expire at the end of this week. In other
> words, close of business, Friday, 16 May.
>
> In the interim, I'll suggest that folks who have not already posted a
> statement of use and utility -- are you using BATV and in what ways it is
> useful? -- are encouraged to do so. The IETF pays attention to statements of
> installed base and utility. Some silliness about that running code matters...
>
> After that, I suggest that I post a note to ietf-smtp, stating the intent to
> request standardization as an Individual Submission, and declaring a 2-week
> pseudo Last Call for the SMTP non-working group. This will give the focused
> SMTP world a chance to offer comments -- positive as well as negative -- prior
> to the spec's being subjected to the greater unwashed IETF community.
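
An added sketch, not part of the original thread or of MDaemon's code, of the case-folding problem in item (c) of the message above and the fix it describes. Assumptions: the `prvs=<tag>=local@domain` layout follows the example in the message, while the tag construction (key digit, three-digit expiry day, six hex characters of HMAC-SHA1), the key, the lifetime and the `example.com` address are constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"   # constructed sample key, not a real secret
LIFETIME_DAYS = 7               # assumed validity window for a signed address


def _sig(prefix: str, mailfrom: str, key: bytes) -> str:
    # Assumed tag scheme: first 6 hex chars of HMAC-SHA1(key, K DDD + address).
    mac = hmac.new(key, (prefix + mailfrom).encode(), hashlib.sha1)
    return mac.hexdigest()[:6]


def sign(mailfrom: str, today: int, key: bytes = KEY, fold_case: bool = True) -> str:
    """Return prvs=<K DDD SSSSSS>=local@domain; today is a day number."""
    if fold_case:
        mailfrom = mailfrom.lower()          # signer-side fix from item (c)
    local, domain = mailfrom.rsplit("@", 1)
    prefix = f"0{(today + LIFETIME_DAYS) % 1000:03d}"   # key id 0 + expiry day
    return f"prvs={prefix}{_sig(prefix, mailfrom, key)}={local}@{domain}"


def verify(address: str, today: int, key: bytes = KEY, fold_case: bool = True) -> bool:
    """Check tag and expiry of a prvs address seen as a bounce recipient."""
    if not address.isascii():
        return False
    if fold_case:
        address = address.lower()            # verifier-side fix from item (c)
    local, _, domain = address.rpartition("@")
    parts = local.split("=", 2)
    if len(parts) != 3 or parts[0] != "prvs" or len(parts[1]) != 10:
        return False                         # not a signed address at all
    tag, orig_local = parts[1], parts[2]
    if not tag[:4].isdigit():
        return False
    if (int(tag[1:4]) - today) % 1000 > LIFETIME_DAYS:
        return False                         # expired (or dated too far ahead)
    expected = _sig(tag[:4], f"{orig_local}@{domain}", key)
    return hmac.compare_digest(expected, tag[4:])


if __name__ == "__main__":
    raw = sign("Arvel@example.com", 14000, fold_case=False)
    print(raw, verify(raw.lower(), 14000, fold_case=False))   # mangled in transit
    folded = sign("Arvel@example.com", 14000)
    print(folded, verify(folded.lower(), 14000))              # survives lower-casing
```
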