One document matched: draft-hansen-4468upd-mailesc-registry-02.xml


<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
  <!ENTITY rfc1893	PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.1893.xml'>
  <!ENTITY rfc2821	PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2821.xml'>
  <!ENTITY rfc2434	PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2434.xml'>
  <!ENTITY rfc3463	PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3463.xml'>
  <!ENTITY rfc3886	PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3886.xml'>
  <!ENTITY rfc4468	PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4468.xml'>
    ]>
<?rfc toc='yes' ?>
<?rfc symrefs='yes' ?>
<?rfc sortrefs='no'?>
<?rfc linkmailto='no'?>
<?rfc compact='no'?>
<?rfc comments='yes'?>
<?rfc inline="yes"?>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
<rfc ipr='full3978' 
  updates='3463,4468' category='std' >
  <front>
    <title abbrev='SMTP Enhanced Status Code Registry'>A Registry for SMTP Enhanced Mail System Status Codes</title>
    <author initials='T.' surname='Hansen' fullname='Tony Hansen'>
      <organization>AT&amp;T Laboratories</organization>
      <address>
        <postal>
          <street>200 Laurel Ave.</street>
          <city>Middletown</city>
          <region>NJ</region>
          <code>07748</code>
          <country>USA</country>
        </postal>
        <email>tony+mailesc@maillennium.att.com</email>
      </address>
    </author>
    <author fullname="John C Klensin" initials="J.C." surname="Klensin">
      <organization/>
      <address>
        <postal>
          <street>1770 Massachusetts Ave, Ste 322</street>
          <city>Cambridge</city> <region>MA</region>
          <code>02140</code>
          <country>USA</country>
        </postal>
        <phone>+1 617 245 1457</phone>
        <email>john+ietf@jck.com</email>
      </address>
    </author>
    <date year='2007' />
    <area>Applications</area>
    <keyword>SMTP</keyword>
    <keyword>Status Codes</keyword>
    <abstract>
      <t>This document establishes an IANA registry for SMTP Enhanced Status Codes.</t>
    </abstract>
  </front>
  <middle>
    <section title='Introduction'>
      <t>
        Enhanced Status Codes for SMTP were first defined in <xref target='RFC1893' />,
	subsequently replaced by <xref target='RFC3463'/>.
	Since that time, various RFCs have been published and internet drafts proposed
	that define further status codes.
	However, no IANA registry was defined for the status codes and conflicts in definitions have begun to appear.
	This RFC defines such an IANA registry and was written to help prevent further conflicts from appearing in the future.
      </t>
      <t>
	This document is being discussed on the SMTP mailing list, <eref target='mailto:ietf-smtp@imc.org'>ietf-smtp@imc.org</eref>.
      </t>
    </section>
    <section title='IANA Considerations'>
      <t>
        IANA is directed to create the registry Mail Enhanced Status Codes.
        In the terms of <xref target='RFC2434'/>, values of Enhanced Status Codes
        must be registered with IANA under the IETF Review (formerly known as the IETF Consensus) method.
	(Specifically, new values are assigned only through RFCs
        that have been shepherded through the IESG as IETF (AD-Sponsored or WG) documents.)
      </t>
      <t>
        The Mail Enhanced Status Codes registry will have three tables:
          <list style='symbols'>
            <t>
	      class sub-code,
	    </t>
	    <t>subject sub-code, and
	    </t>
	    <t>enumerated status codes, which include both a subject sub-code and a detail sub-code.
	    </t>
          </list>
      </t>
      <t>
        Each entry in the tables will include:
        <list style="numbers">
          <t>The sub-code or enumerated status code,
	    which will be a numeric code consisting of three components, as
		    specified in RFC 3463.</t>
	    <t>Text expected to be associated with the code.
	    </t>
	    <t> A short description of the code, including the
	       basic reply code of RFC 2821
	       <xref target="RFC2821"/> with which it is
	       associated.
	    </t>
	    <t>A reference to the document in which the code is
	       defined.
	       This reference should note whether the
	       relevant specification is standards-track or
	       not.</t>
	    <t> The identity of the submitter or registrant
	       ("IESG" in the case of IETF-produced
	       documents).
	    </t>
	</list>
      </t>
      <t>
        An example of an entry in the enumerated status code table would be:<vspace/>
        <list style='hanging'>
          <t hangText='X.0.0 Other undefined Status'>
	   <vspace/>
            Other undefined status is the only undefined error code.
	   <vspace/>
            X.0.0 should be used for all errors for which only the class of the
            error is known.
          </t><t hangText=''>
            Defined in RFC 3463.
          </t><t hangText=''>
            Registered by IESG.
          </t>
        </list>
      </t>
      <t>
        The initial values for the class and subject sub-code tables are to be populated from section 2 of <xref target='RFC3463'/>.
        Specifically, these are the values for 2.XXX.XXX, 4.XXX.XXX and 5.XXX.XXX for the class sub-code table,
        and the values X.0.XXX, X.1.XXX, X.2.XXX, X.3.XXX, X.4.XXX, X.5.XXX, X.6.XXX and X.7.XXX for the subject sub-code table.
        Each entry is to be designated as defined in RFC 3463 and registered by IESG.
      </t>
      <t>
        The initial values for the enumerated status code table are to be populated from sections 3.1 through 3.8 of <xref target='RFC3463'/>,
        (X.0.0, X.1.0 through X.1.8, X.2.0 through X.2.4, X.3.0 through X.3.5, X.4.0 through X.4.7,
        X.5.0 through X.5.5, X.6.0 through X.6.5, and X.7.0 through X.7.7)
        section 3.3.4 of <xref target='RFC3886'/> (X.1.9),
        and the definition of X.6.6 found in section 5 of <xref target='RFC4468'/>.
        Each entry is to be designated as defined in the corresponding RFC and registered by IESG.
      </t>
      <t>
        The following additional definitions are to be registered in the enumerated status code table.
          <list style='hanging'>
            <t hangText="X.5.6 Authentication Exchange line is too long">
	        <vspace/>
		  This enhanced status code SHOULD be returned when the server fails
		  the AUTH command due to the client sending a response which
		  is longer than the maximum buffer size available for the currently
		  selected SASL mechanism.
		  <vspace/>Defined by RFC XXXX. Registered by IESG.
		</t>
		<t hangText='X.7.8 Trust relationship required or Authentication credentials invalid'>
	          <vspace/>
		  Because of conflicting definitions in different documents,
                  this value should no longer be used.
		  <vspace/>Defined by RFC XXXX. Registered by IESG.
                </t>
		<t hangText="X.7.9 Authentication mechanism is too weak">
	          <vspace/>
		    This response to the AUTH command indicates that the selected
		    authentication mechanism is weaker than server policy permits for
		    that user.  The client SHOULD retry with a new authentication
		    mechanism.
		  <vspace/>Defined by RFC XXXX. Registered by IESG.
		</t>
		<t hangText="X.7.10 Encryption Needed">
	          <vspace/>
		    This indicates that an external strong privacy layer is needed in
		    order to use the requested authentication mechanism.  This is
		    primarily intended for use with clear text authentication
		    mechanisms.  A client which receives this may activate a
		    security layer such as TLS prior to authenticating, or attempt
		    to use a stronger mechanism.
		  <vspace/>Defined by RFC XXXX. Registered by IESG.
		</t>

		<t hangText="X.7.11 Encryption required for requested authentication mechanism">
	          <vspace/>
		    This indicates the user's passphrase has expired
		    and needs to be changed.  Many sites have a policy which
		    forbids a passphrase from being used too long.
		    These sites will set a time period after which passphrases
		    must be changed.  Some sites also pre-expire passphrases set
		    by a system administrator, such that a user must change their
		    passphrase prior to using their account.  A client which
		    receives this error code can treat it as a user request to
		    change her passphrase.
		  <vspace/>Defined by RFC XXXX. Registered by IESG.
		</t>

		<t hangText="X.7.12 A password transition is needed">
	          <vspace/>
		    This response to the AUTH command indicates that the user needs to
		    transition to the selected authentication mechanism.  This is
		    typically done by authenticating once using the [PLAIN]
		    authentication mechanism.  The selected mechanism SHOULD then work
		    for authentications in subsequent sessions.
		  <vspace/>Defined by RFC XXXX. Registered by IESG.
		</t>

		<t hangText="X.7.13 User Account Disabled">
	          <vspace/>
		    Sometimes a system administrator will have to disable a user's
		    account (e.g., due to lack of payment, abuse, evidence of a
		    break-in attempt, etc.).  This error code occurs after a
		    successful authentication to a disabled account.  This informs
		    the client that the failure is permanent until the user
		    contacts their system administrator to get the account
		    re-enabled.  It differs from a generic authentication failure
		    where the client's best option is to present the passphrase
		    entry dialog in case the user simply mistyped their
		    passphrase.
		  <vspace/>Defined by RFC XXXX. Registered by IESG.
		</t>

	        <t hangText='X.7.14 Trust relationship required'>
	          <vspace/>
	          The submission server requires a configured trust relationship
		  with a third-party server in order to access the message content.
		  This value replaces the prior use of X.7.8 for this error condition.
		  <vspace/>Defined by RFC XXXX. Registered by IESG.
	        </t>
	        <t hangText='X.7.15 Authentication credentials invalid'>
	          <vspace/>
	          Authentication failed due to invalid or insufficient authentication credentials.
		  This value replaces the prior use of X.7.8 for this error condition,
		  thereby updating <xref target='RFC4468'/>.
		  <vspace/>Defined by RFC XXXX. Registered by IESG.
	        </t>
	     </list>
      </t>
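      <figure>
        <preamble>
          Added example, not part of the original draft or of any mail software it refers to:
          Python that checks a reply line for a syntactically valid enhanced status code,
          looks it up among the additional definitions above, and picks out replies that still carry the ambiguous X.7.8 value.
          The action strings, function names and sample reply lines (basic reply codes included) are assumptions constructed for this example.
        </preamble>
        <artwork><![CDATA[
```python
import re

# RFC 3463 syntax: class is 2, 4 or 5; subject and detail are 1-3 digits each.
# The enhanced code follows the three-digit basic reply code and " " or "-".
REPLY_RE = re.compile(r"^[245]\d\d[ -]([245])\.(\d{1,3})\.(\d{1,3})(?:\s|$)")

# Enumerated codes from the additional definitions above, keyed "X.subject.detail".
# The action strings are this example's own shorthand, not registry text.
ADDED = {
    "X.7.8": ("Trust relationship required or Authentication credentials invalid",
              "deprecated: use X.7.14 or X.7.15"),
    "X.7.9": ("Authentication mechanism is too weak", "retry with another mechanism"),
    "X.7.10": ("Encryption Needed", "activate TLS or use a stronger mechanism"),
    "X.7.12": ("A password transition is needed", "authenticate once with PLAIN"),
    "X.7.13": ("User Account Disabled", "stop: user must contact administrator"),
    "X.7.14": ("Trust relationship required", "report to operator"),
    "X.7.15": ("Authentication credentials invalid", "report to user"),
}

def classify(reply_line):
    """Describe the enhanced code in one SMTP reply line; None if it has none."""
    m = REPLY_RE.match(reply_line.strip())
    if m is None:
        return None
    esc_class, subject, detail = m.group(1), int(m.group(2)), int(m.group(3))
    key = "X.%d.%d" % (subject, detail)
    title, action = ADDED.get(key, (None, "not in this table"))
    return {"code": "%s.%d.%d" % (esc_class, subject, detail), "key": key,
            "title": title, "action": action, "permanent": esc_class == "5"}

def deprecated_lines(lines):
    """Return the reply lines that still carry the ambiguous X.7.8 value."""
    return [l for l in lines if (classify(l) or {}).get("key") == "X.7.8"]

# Constructed reply lines (basic reply codes included) for demonstration only.
SAMPLE = [
    "534 5.7.9 Authentication mechanism is too weak",
    "535 5.7.8 Authentication credentials invalid",
    "432 4.7.12 A password transition is needed",
    "250 OK",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(line, "->", classify(line))
```
]]></artwork>
      </figure>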
    </section>
    <section title="Security Considerations">
      <t>
       As stated in <xref target='RFC1893'/>, use of enhanced status codes may disclose additional
       information about how an internal mail system is implemented beyond
       that available through the SMTP status codes.
      </t>
      <t>Many proposed additions to the response code list are security related.
        Having these registered in one place to prevent collisions will improve their value.
	Security error responses can leak information to active attackers (e.g.,
	the distinction between "user not found" and "bad password" during authentication).
	Documents defining security error codes should make it clear when this is the case so SMTP
	server software subject to such threats can provide
	appropriate controls to restrict exposure.</t>
    </section>
    <section title='Acknowledgements'>
      <t> Thanks go to the members of the <eref target='mailto:ietf-smtp@imc.org'>ietf-smtp@imc.org</eref> mailing list.
      </t>
    </section>
  </middle>
  <back>
    <references title='Normative References'>
      &rfc3463;
      &rfc2821;
      &rfc3886;
      &rfc4468;
    </references>
    <references title='Informative References'>
      &rfc1893;
      &rfc2434;
    </references>
  </back>
</rfc>
