Client SMTP Authorization
   HOME

TheInfoList



Click Here for Items Related To - Client SMTP Authorization
OR:
Client SMTP Authorization on:   [Wikipedia]   [Google]   [Amazon]

Certified Server Validation (CSV) is a technical method of
email authentication Email authentication, or validation, is a collection of techniques aimed at providing verifiable information about the origin of email messages by validating the Domain name#Purpose, domain ownership of any message transfer agents (MTA) who particip ...
intended to fight
spam Spam most often refers to: * Spam (food), a consumer brand product of canned processed pork of the Hormel Foods Corporation * Spamming, unsolicited or undesired electronic messages ** Email spam, unsolicited, undesired, or illegal email messages ...
. Its focus is the
SMTP The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typi ...
HELO-identity of
mail transfer agent Within the Internet email system, a message transfer agent (MTA), mail transfer agent, or mail relay is software that transfers electronic mail messages from one computer to another using the Simple Mail Transfer Protocol. In some contexts, the a ...
s.


Purpose

CSV was designed to address the problems of
MARID A marid ( ') is a type of devil (''shayṭān'') in Islamic tradition. The Arabic word, meaning "rebellious," is applied to such supernatural beings. Hans Wehr's '' A Dictionary of Modern Written Arabic'' defines ''marid'' as a "demon" or "gian ...
and the ASRG, as defined in detail as the intent of Lightweight MTA Authentication Protocol (LMAP) in an expire
ASRG draft
As of January 3, 2007, all
Internet Draft An Internet Draft (I-D) is a document published by the Internet Engineering Task Force (IETF) containing preliminary technical specifications, results of networking-related research, or other technical information. Often, Internet Drafts are int ...
s have expired and the
mailing list A mailing list is a collection of names and addresses used by an individual or an organization to send material to multiple recipients. Mailing lists are often rented or sold. If rented, the renter agrees to use the mailing list only at contra ...
has been closed down since there had been no traffic for 6 months.


Principles of operation

CSV considers two questions at the start of each SMTP session: * Does a domain's management authorize this MTA to be sending email? * Do reputable independent accreditation services consider that domain's policies and practices sufficient for controlling email abuse? CSV answers these questions as follows: to validate an SMTP session from an unknown sending SMTP client using CSV, the receiving SMTP server: #Obtains the remote
IP address An Internet Protocol address (IP address) is a numerical label such as that is assigned to a device connected to a computer network that uses the Internet Protocol for communication. IP addresses serve two main functions: network interface i ...
of the TCP connection. #Extracts the
domain name In the Internet, a domain name is a string that identifies a realm of administrative autonomy, authority, or control. Domain names are often used to identify services provided through the Internet, such as websites, email services, and more. ...
from the HELO command sent by the SMTP client. #Queries DNS to confirm the domain name is authorized for use by the IP ( CSA). #Asks a reputable Accreditation Service if it has a good reputation (
DNA Deoxyribonucleic acid (; DNA) is a polymer composed of two polynucleotide chains that coil around each other to form a double helix. The polymer carries genetic instructions for the development, functioning, growth and reproduction of al ...
). #Determines the level of trust to give to the sending SMTP client, based on the results of (3) and (4) If the level of trust is high enough, process all email from that session in the traditional manner, delivering or forwarding without the need for further validation.{{Cite web , title=Email Verifier Check - Verifying Emails With Expert Email Validation , url=https://www.ipqualityscore.com/free-email-validation-test , access-date=2023-07-12 , language=en If the level of trust is too low, return an error showing the reason for not trusting the sending SMTP client. If the level of trust is in between, document the result in a header in each email delivered or forwarded, and/or perform additional checks. If the answers to both of the questions at the top of this article are 'Yes', then receivers can expect the email received to be email they want. Mail sources are motivated to make the answers yes, and it's easy for them to do so (unless their email flow is so toxic that no reputable independent accreditation service will vouch for them). CSV is designed to be efficient and elegant, and in this respect it certainly beats SPF's coverage of HELO identities. Client SMTP Authorization (CSA) was a proposed mechanism whereby a domain admin can advertise which mail servers are legitimate originators of mail from his/her domain. This is done by providing appropriate SRV RRs in the DNS infrastructure.


References


External links


CSV home page
an
CLEAR
list archive
CSA
Client SMTP Authorization
DNA
Domain Name Accreditation
CSV
specification Email authentication