MARID explained

MARID was an IETF working group in the applications area tasked to propose standards for email authentication in 2004. The name is an acronym of MTA Authorization Records In DNS.

Background

Lightweight MTA Authentication Protocol (LMAP)[1] was a generic name for a set of 'designated sender' proposals that were discussed in the ASRG in the Fall of 2003, including:

These schemes attempt to list the valid IP addresses that can send mail for a domain. The "lightweight" in LMAP essentially stands for "no crypto", as opposed to DomainKeys and its successor, DKIM.[2] In March 2004, the Internet Engineering Task Force IETF held a BoF on these proposals. As the result of that meeting, the task force chartered the MARID working group.[3]

Controversy

Microsoft's Caller-ID proposal was a late and highly controversial addition to this mix. It came with the following features:

Proceedings

The working group decided to postpone the question of RFC 2821 SMTP identities - i.e. MAIL FROM covered by SPF, or HELO covered by CSV and SPF - in favour of RFC 2822 identities covered by Caller-ID's and later Sender-ID's Purported Responsible Address (PRA). The WG arrived at a point where sender policies could be split into different scopes, like the 2821 MAIL FROM or the 2822 PRA. The MARID syntax also allowed to join different scopes into one policy record, if the sets of permitted IPs are identical, as is often the case.

Less than a week after the publication of a first or MAIL FROM draft, the WG was terminated unilaterally by its leadership. MARID existed only seven months, and no RFCs were published.[4] [5]

The responsible IETF Area Director agreed to sponsor the publication of some of the unfinished MARID discussions as IETF experiments; these happened in 2005, as both the pre-MARID SPF[6] and Sender ID[7] were approved as experimental RFCs. The latter is to a certain degree a result of MARID, growing out of the Caller-ID proposal.

The ongoing disputes on technical issues and incompatibilities in Sender ID resulted later in appeals[8] to the IESG and the IAB.

External links

Notes and References

  1. https://tools.ietf.org/html/draft-irtf-asrg-lmap-discussion-00 Lightweight MTA Authentication Protocol (LMAP) Discussion and Comparison
  2. Web site: How to Read DMARC Reports? . 2023-07-25 . powerdmarc.com . en-US.
  3. https://datatracker.ietf.org/doc/charter-ietf-marid/ MTA Authorization Records in DNS - MARID charter
  4. News: Seltzer . Larry . Internet Task Force Shuts Down Anti-Spam Working Group . 15 May 2019 . eWeek . 22 September 2004.
  5. Web site: Levine . John R. . An analysis of Microsoft's MARID patent applications . John R. Levine . 15 May 2019.
  6. https://tools.ietf.org/html/draft-schlitt-spf-classic-02 Sender Policy Framework (SPF) for Authorizing Use of Domains in E-MAIL, version 1
  7. https://tools.ietf.org/html/draft-lyon-senderid-pra-01 Purported Responsible Address in E-Mail Messages
  8. Web site: Appeal: Publication of draft-lyon-senderid-core-01 in conflict with referenced draft-schlitt-spf-classic-02 . August 25, 2005 . Mehnle, Julian . dead . https://web.archive.org/web/20090822071845/https://www.ietf.org/iesg/appeal/mehnle-2005-08-25.txt . August 22, 2009 .