Internet DRAFT - draft-heejin-domainbasedemailaddressing
draft-heejin-domainbasedemailaddressing
Internet Engineering Task Force HJ. Lee, Ed.
Internet-Draft Kakao Corp.
Intended status: Informational 17 February 2023
Expires: 21 August 2023
Proposed Specification for Domain-based Email Addressing
draft-heejin-domainbasedemailaddressing-00
Abstract
This document proposes a new email addressing specification that
allows email messages to be sent to all email addresses associated
with a domain. The new format can simplify the email addressing
process and reduce the risk of errors, while maintaining
compatibility with existing email protocols and standards. This
specification includes requirements, design, and security
considerations for the new email addressing format.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 21 August 2023.
Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the
document authors. All rights reserved.
Lee Expires 21 August 2023 [Page 1]
�
Internet-Draft Abbreviated Title February 2023
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Motivation . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 3
4. Design . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
5. Security Considerations . . . . . . . . . . . . . . . . . . . 4
6. Scenario . . . . . . . . . . . . . . . . . . . . . . . . . . 5
7. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . 6
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
9. Security Considerations . . . . . . . . . . . . . . . . . . . 6
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 6
10.1. Normative References . . . . . . . . . . . . . . . . . . 6
10.2. Informative References . . . . . . . . . . . . . . . . . 6
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 6
1. Introduction
Sending emails to multiple recipients within the same domain can be a
time-consuming and inefficient process, particularly when individual
email addresses must be manually entered. The goal of this proposed
specification is to simplify the email addressing process by allowing
messages to be sent to all email addresses associated with a domain
using the domain name, rather than individual email addresses. By
enabling email messages to be sent to all email addresses within a
domain with just the domain name, this specification will
significantly reduce the time and effort required to send emails to
multiple recipients. Additionally, this specification will help
reduce errors, simplify the email addressing process, and make it
easier to send messages to large groups of recipients within the same
domain.
Lee Expires 21 August 2023 [Page 2]
�
Internet-Draft Abbreviated Title February 2023
2. Motivation
The current email addressing system can be inefficient and time-
consuming, especially when sending messages to multiple email
addresses within the same domain. This often requires manually
entering each email address, which can be prone to errors and can
significantly slow down the email sending process. Moreover, as the
number of recipients increases, it becomes even more challenging to
manage and keep track of all the individual email addresses. The
proposed specification aims to simplify the email addressing process
by enabling emails to be sent to all email addresses associated with
a domain using the domain name, rather than individual email
addresses. This will save time and effort for users, as they will no
longer have to manually enter each email address. Additionally, this
will make it easier to send messages to large groups of recipients
within the same domain, improving communication efficiency in
organizations and among groups of individuals. Finally, by reducing
errors and streamlining the email addressing process, this
specification has the potential to make email communications more
reliable and effective.
3. Requirements
The proposed email addressing specification must fulfill the
following requirements to achieve the goals of simplifying the email
addressing process and reducing errors: 1. All email addresses
associated with a domain must be included in the recipient list when
the domain name is used as the recipient address. 2. The email must
be delivered to all intended recipients within the domain, including
those with email addresses that are not explicitly specified. 3.
The specification must work within the constraints of existing email
protocols and standards, such as the Simple Mail Transfer Protocol
(SMTP) and the Domain Name System (DNS). 4. The new addressing
format must be backwards-compatible with existing email clients and
servers, allowing messages to be sent between systems that have not
yet adopted the new specification. 5. The specification must not
introduce new security vulnerabilities or increase the risk of spam
or other malicious activities. 6. The specification should be
designed in such a way as to be easily adopted and integrated into
existing email systems, minimizing the cost and complexity of
implementation.
Lee Expires 21 August 2023 [Page 3]
�
Internet-Draft Abbreviated Title February 2023
4. Design
The proposed email addressing specification will use the existing
domain name as the recipient address, rather than individual email
addresses. When a message is sent using this new format, the email
server will retrieve a list of all email addresses associated with
the domain name from the Domain Name System (DNS) records. The email
server will then deliver the message to all email addresses
associated with the domain name, including those that are not
explicitly specified in the recipient list. This will ensure that
all intended recipients within the domain receive the message, even
if their email address was not specifically included in the recipient
list. To ensure backwards compatibility with existing email clients
and servers, messages sent using the new addressing format will
include both the domain name and the individual email addresses of
all recipients in the header of the email. This will enable email
clients and servers that have not yet adopted the new specification
to continue to process messages in the existing format. To minimize
the risk of spam and other malicious activities, the email addressing
specification will include measures to verify the authenticity of the
sender and the domain name. For example, email servers may use the
Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM)
to verify the domain name and prevent spam and spoofing. Overall,
the new email addressing format will simplify the email addressing
process, reduce errors, and improve communication efficiency, while
also maintaining compatibility with existing email protocols and
standards.
5. Security Considerations
The proposed email addressing specification introduces a new way to
address email messages and must take into account potential security
risks associated with this new approach. The following security
considerations must be taken into account when implementing the
specification: 1. Sender Authentication: To prevent email spoofing,
it is essential to verify the authenticity of the sender. The Sender
Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) can be
used to authenticate the domain name and ensure that the email has
not been altered in transit. 2. Email Privacy: The specification
must ensure that email content is kept private and not accessible to
unauthorized third parties. Transport Layer Security (TLS) can be
used to encrypt email messages in transit, preventing unauthorized
interception and disclosure of email content. 3. Domain Reputation:
The new addressing format could be used by spammers to send
unsolicited emails, which can harm the reputation of the domain.
Implementing DKIM and DMARC (Domain-based Message Authentication,
Reporting and Conformance) protocols can help mitigate this risk by
ensuring that only authorized senders can use the domain to send
Lee Expires 21 August 2023 [Page 4]
�
Internet-Draft Abbreviated Title February 2023
emails. 4. Denial of Service (DoS) Attacks: The specification must
be designed to prevent DoS attacks, which can be used to overwhelm
email servers and disrupt email services. To mitigate this risk,
email servers can implement rate-limiting or throttling to limit the
number of messages that can be sent in a given time period. 5.
Implementation Risks: The specification should be implemented with
care to avoid introducing new vulnerabilities or compromising the
security of existing email systems. Implementers should thoroughly
test the specification and consider the potential impact of any
changes before deploying it in a production environment. By taking
into account these security considerations, the new email addressing
specification can provide a secure and reliable way to send emails
using domain names, while also reducing the risk of spam, spoofing,
and other security threats.
6. Scenario
Acme Corporation is a company that has recently adopted the proposed
email addressing specification. Prior to the adoption of this new
format, employees at Acme had to manually enter the email addresses
of their intended recipients, which was often time-consuming and
prone to errors. However, with the new email addressing format,
employees can simply enter the domain name of their intended
recipients, and the email will be sent to all email addresses
associated with that domain. For example, if an employee at Acme
wants to send an email to all employees at their subsidiary company,
"Acme Subsidiary," they can simply enter "@acmesubsidiary.com" into
the To: field of their email client. The email will be sent to all
email addresses associated with that domain, including those of
employees who work in different departments, locations, or roles.
This saves time and reduces the risk of errors that can occur when
manually entering email addresses. Furthermore, the new email
addressing format can simplify the process of managing email
addresses for the IT department at Acme. Instead of having to manage
individual email addresses for each employee, they can simply manage
the email addresses associated with each domain. This reduces the
complexity and potential errors associated with managing individual
email addresses for a large organization. Overall, the adoption of
the proposed email addressing specification has streamlined the email
communication process at Acme Corporation, saving time and reducing
errors while maintaining compatibility with existing email protocols
and standards.
Lee Expires 21 August 2023 [Page 5]
�
Internet-Draft Abbreviated Title February 2023
7. Conclusion
The proposed email addressing specification provides a simple and
efficient way to address email messages using domain names. By
enabling email messages to be sent to all email addresses associated
with a domain, this new format can simplify the email addressing
process and reduce the risk of errors. At the same time, the
specification maintains compatibility with existing email protocols
and standards, enabling messages to be exchanged between systems that
have not yet adopted the new format. The security considerations
have been taken into account, and the new format includes measures to
prevent email spoofing, protect email privacy, and prevent DoS
attacks, among other security risks. Overall, the proposed email
addressing specification is a practical and useful solution that can
benefit both email senders and recipients. By facilitating efficient
communication and reducing the risk of errors and security threats,
this new format can enhance the reliability and usefulness of email
as a communication tool.
8. IANA Considerations
This memo includes no request to IANA.
9. Security Considerations
This document does not affect Internet security.
10. References
10.1. Normative References
10.2. Informative References
[RFC5321] Klensin, J., RFC 5321., "Simple Mail Transfer Protocol",
2008.
[RFC5322] Resnick, P., RFC 5322., "Internet Message Format", 2008.
[RFC6530] Klensin, J., RFC 6530., "Overview and Framework for
Internationalized Email", 2012.
[RFC6854] Resnick, P., RFC 6854., "Update to Internet Message Format
to Allow Group Syntax in the "From:" and "Sender:" Header
Fields", 2013.
Author's Address
Lee Expires 21 August 2023 [Page 6]
�
Internet-Draft Abbreviated Title February 2023
Heejin Lee (editor)
Kakao Corp.
Email: dependency@kakao.com
Lee Expires 21 August 2023 [Page 7]
