<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">Hi Michel,<br>
<br>
>Are we monitoring the Internet or monitoring a service using
the proposed SMTP measurement?<br>
First of all, we are monitoring the service of a specific target.
Same as http or ntp measurements, just another protocol. But we
also monitor the Internet. Using an SMTP measurement, we could
identify censorship or discover Man-in-the-middle attacks
(downgrade attack by suppressing the STARTTLS command).<br>
<br>
>Can we achieve the first 2 items of this measurement by doing
a TCP traceroute on port 25?<br>
I would say no. Using TCP Traceroute, you can may check for
reachability/responsiveness of the host, but not the actual
service (smtp).<br>
<br>
>Does the SSL measurement cover the intended use cases?<br>
I would say no. Correct me if am am wrong. Usually (for example
HTTPS or LDAPS) the SSL/TLS encryption starts right after the TCP
3-way Handshake was successfull. For SMTP, that doesn't work.
That's because regular SMTP communication starts first, so both
sides can negotiate if SSL/TLS encryption is possible (via
Enhanced SMTP Status Codes). However, as far as i know, OpenSSL <u>does</u>
support SMTP and STARTTLS. So you could probably modify the
existing SSL measurement.<br>
<br>
Keep in mind that there's also MTA-STS and DANE, which are really
enhancing SMTPs security. A dedicated SMTP measurement would be a
good thing.<br>
<br>
BR,<br>
Simon<br>
<br>
<br>
<br>
On 23.09.22 16:04, Michel Stam wrote:<br>
</div>
<blockquote type="cite"
cite="mid:B5640B9C-ADC1-496C-8145-4D8C48EA8D5D@ripe.net">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
Hi everyone,
<div class=""><br class="">
</div>
<div class="">Great that this request sparked a good discussion on
the merits of a measurement, as well as its potential impact on
servers around the world. Good to see this!</div>
<div class=""><br class="">
</div>
<div class="">So I’m going to do a quick recap here, hoping that I
capture the intent and the concerns correctly. Please correct me
if I err.</div>
<div class=""><br class="">
</div>
<div class="">The intent of the measurement would be to validate
whether an SMTP server is:</div>
<div class="">
<ul class="MailOutline">
<li class="">reachable</li>
<li class="">responsive</li>
<li class="">capable of secured transmissions</li>
</ul>
<div class=""><br class="">
</div>
</div>
<div class="">The concern is that such a check would trigger one
of a variety of anti spam measures in place around the world,
and/or cause undue traffic to SMTP server operators.</div>
<div class=""><br class="">
</div>
<div class="">With this in mind, I am wondering: </div>
<div class="">
<ul class="MailOutline">
<li class="">Are we monitoring the Internet or monitoring a
service using the proposed SMTP measurement? </li>
<li class="">Can we achieve the first 2 items of this
measurement by doing a TCP traceroute on port 25?</li>
<li class="">Does the SSL measurement cover the intended use
cases?</li>
<ul class="">
<li class=""> Is it worth exploring STARTTLS support as an
extension and what would the implications be?</li>
</ul>
</ul>
<div class=""><br class="">
</div>
</div>
<div class="">Have a good weekend!</div>
<div class=""><br class="">
</div>
<div class="">Best regards,</div>
<div class=""><br class="">
</div>
<div class="">Michel</div>
<div class="">
<div><br class="">
<blockquote type="cite" class="">
<div class="">On 21 Sep 2022, at 00:11, Avamander <<a
href="mailto:avamander@gmail.com"
class="moz-txt-link-freetext" moz-do-not-send="true">avamander@gmail.com</a>>
wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<div dir="ltr" class="">> Making arguments based upon
extreme cases, assumptions, or
potential-for-collateral-damage is not scientific. "I
know one that even [...]" Anecdotal evidence isn't
scientific.
<div class=""><br class="">
</div>
<div class="">From the perspective of your previous
sentences that's kinda humorous. "To avoid unnecessary
costs incurred from disruption of service, excessive
traffic, annoyances using up *my* time, and countless
other reasonable rationale from *my* point of view."
Because sure, a few (hypothetical RIPE probe)
connections are exactly that, zero exaggeration,
right?</div>
<div class=""><br class="">
</div>
<div class="">In the end such fail2ban-fueled (or
similar) behaviour I initially addressed, is exactly a
non-scientific extreme-case assumption-based approach.
There are better and even more standard ways. </div>
<div class=""><br class="">
</div>
<div class="">Crutch solutions out in the wild shouldn't
be a showstopper for measuring the ecosystem. (That is
already quite neglected)</div>
<div class=""><br class="">
</div>
<div class="">> What _objective_ risk/benefit
analysis are you basing your opinions upon?<br
class="">
<br class="">
And you? What's the implication here about systems
being as trigger-happy as previously described?</div>
<div class=""><br class="">
</div>
<div class="">Because sure, at some point rate limits
make total sense, but certainly not at the point where
it would ban any potential RIPE probes.</div>
<div class=""><br class="">
</div>
<div class="">> Are you a systems administrator?</div>
<div class=""><br class="">
</div>
<div class="">Let's not get into such measuring
contests, even if it is the RIPE Atlas mailing list.</div>
</div>
<br class="">
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Tue, Sep 20, 2022
at 11:42 PM Paul Theodoropoulos via ripe-atlas <<a
href="mailto:ripe-atlas@ripe.net"
class="moz-txt-link-freetext" moz-do-not-send="true">ripe-atlas@ripe.net</a>>
wrote:<br class="">
</div>
<blockquote class="gmail_quote" style="margin:0px 0px
0px 0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div class=""> On 9/20/2022 10:45 AM, Avamander wrote:<br
class="">
<blockquote type="cite" class="">
<div dir="ltr" class="">Great to hear it works for
you, but the potential unfortunate collateral
from such a blanket action is not really
RIPE Atlas' problem. There are more fine-grained
methods against bruteforce attempts and open
relay probes, than triggering on a few
connections.</div>
</blockquote>
What _objective_ risk/benefit analysis are you
basing your opinions upon? Are you a systems
administrator? My responsibility is to avoid
unnecessary costs incurred from disruption of
service, excessive traffic, annoyances using up *my*
time, and countless other reasonable rationale from
*my* point of view. <br class="">
<br class="">
You suggest that it is "not really RIPE Atlas'
problem". That's very true. And it is not really my
problem if I bounce yoinky, pointless probes of my
server, and ruthlessly block them from contacting my
server ever again. My server, my choice, my wallet,
nobody's business but my own.<br class="">
<blockquote type="cite" class="">
<div dir="ltr" class="">
<div class="">Some webmasters ban IP's for
simply visiting a domain, I know one that even
dispatches an email to your ISP's abuse@
address upon visit. Should RIPE Atlas probes
then not probe any HTTP servers? The answer is
obviously no, they shouldn't care.</div>
</div>
</blockquote>
Making arguments based upon extreme cases,
assumptions, or potential-for-collateral-damage is
not scientific. "I know one that even [...]"
Anecdotal evidence isn't scientific.<br class="">
<br class="">
Note, I run a probe myself. I don't block any RIPE
Atlas traffic on my separate servers hosted on AWS,
Oracle, and GCE. <br class="">
<br class="">
<div class="">-- <br class="">
Paul Theodoropoulos<br class="">
<a href="https://www.anastrophe.com/"
target="_blank" class="" moz-do-not-send="true">anastrophe.com</a></div>
</div>
-- <br class="">
ripe-atlas mailing list<br class="">
<a href="mailto:ripe-atlas@ripe.net" target="_blank"
class="moz-txt-link-freetext" moz-do-not-send="true">ripe-atlas@ripe.net</a><br
class="">
<a
href="https://lists.ripe.net/mailman/listinfo/ripe-atlas"
rel="noreferrer" target="_blank"
class="moz-txt-link-freetext" moz-do-not-send="true">https://lists.ripe.net/mailman/listinfo/ripe-atlas</a><br
class="">
</blockquote>
</div>
-- <br class="">
ripe-atlas mailing list<br class="">
<a href="mailto:ripe-atlas@ripe.net"
class="moz-txt-link-freetext" moz-do-not-send="true">ripe-atlas@ripe.net</a><br
class="">
<a class="moz-txt-link-freetext" href="https://lists.ripe.net/mailman/listinfo/ripe-atlas">https://lists.ripe.net/mailman/listinfo/ripe-atlas</a><br
class="">
</div>
</blockquote>
</div>
<br class="">
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
</blockquote>
<br>
</body>
</html>