From owner-ietf-msgtrk@imc.org Fri Jan 7 18:50:26 2000 Received: from ns.secondary.com (ns.secondary.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA29192 for ; Fri, 7 Jan 2000 18:50:25 -0500 (EST) Received: by ns.secondary.com (8.9.3/8.9.3) id PAA14382 for ietf-msgtrk-bks; Fri, 7 Jan 2000 15:37:46 -0800 (PST) Received: from zappa.esys.ca (zappa.esys.ca [198.161.92.28]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id PAA14378 for ; Fri, 7 Jan 2000 15:37:36 -0800 (PST) Received: (from lyndon@localhost) by zappa.esys.ca (8.10.0.Beta8/8.10.0.Beta8) id e07Nb0p19023; Fri, 7 Jan 2000 16:37:00 -0700 (MST) Message-Id: <200001072337.e07Nb0p19023@zappa.esys.ca> From: Lyndon Nerenberg To: Alexey Melnikov cc: Roland Brand , Message Tracking Working Group Subject: Re: New proposal for the interactive message tracking protocol In-reply-to: Your message of "Thu, 23 Dec 1999 19:12:17 MST." <3862D681.EA8F750B@messagingdirect.com> Mime-Version: 1.0 (generated by tm-edit 7.106) Content-Type: text/plain; charset=US-ASCII Date: Fri, 07 Jan 2000 16:37:00 -0700 Sender: owner-ietf-msgtrk@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: >> 2. The tracking activity is kept away from the e-mail >> system, so that an SMTP server cannot be saturated with >> tracking requests by malicious users. But since tracking the message is intimately tied to SMTP AUTH, I don't see how this could be done (easily) outside of SMTP while staying inside the framework of SMTP AUTH. >> > 3. It requires only slight changes in SMTP, namely to >> generate the logs. Alexey> In most cases MTA already generate logs. However you cannot assume the MTA generates logs anyplace accessable to you. I could very easily ship all the logging info to a seperate write-only log server that the tracking software has no access to. And for popular MTAs that log through syslog(3) (e.g. sendmail), you cannot trust the log data unless you've secured your entire syslog environment. --lyndon