Models for Mail Handling Systems                                           DRAFT 16-Feb-08

The terminology used here may differ from common usage.  Our terminology is "optimized" for discussions of email authentication and reputation systems.   Generally, that means refining the definition of some words, while not contradicting their most common usage.  Thus, we make a distinction between "Forwarding" (with a capital F) and other kinds of relaying that some may call "forwarding".  Here a "Forwarder" is an Agent working on the Recipient's side of the Border.

Agents on the sender's side may be called "Transmitters", or with less precision, sender's relays.  The term "relay" usually means a machine, but is so often used to mean an Agent that we will avoid it in any context where there might be confusion.  Most of our discussions deal with Agents and their roles and responsibilites.

"Transmitter" is a term not generally used in discussions of email, and therefore not in conflict with other usage.  We use it because there is no generally accepted word to describe the sender's Agent at the Border.  The analogy to radio is helpful.

See Forwarding for more discussion of typical problems in Mail Handling Systems.
See Internet Mail Architecture and RFC-2821 for more general terminology.

Actors and Roles:
Actors include Users and Agents
Agents may play more than one role
Typical roles include transmitting, receiving, forwarding, and delivery.
A/B Roles A and B both played by the same Actor
--> Direction of mail flow (no relationship implied)
==> Direct relationship between Actors (e.g. a contract)
~~> Indirect relationship (e.g. both directly related to Recipient)

Simple Setup with four Actors:

|---- Sender's Network -----|           |-- Recipient's Network -|
                                   /
Sender(s) ==> MSA/Transmitter --> / --> Receiver/MDA ==> Recipient
                                 /
                              Border
          
Simple Forwarding is quite common:

          |-------- Recipient's Network ---------|
     /
--> / --> Receiver/Forwarder ~~> MDA ==> Recipient
   /
 Border

Chain Forwarding should be discouraged:

          |------------ Recipient's Network ------------|
     /
--> / --> Receiver ~~> Forwarder(s) ~~> MDA ==> Recipient
   /
 Border

Open Forwarding must be banned:
         
     /                   /    |-- Recipient's Network -|
--> / --> Forwarder --> / --> Receiver/MDA ==> Recipient
   /                   /
 Border              Border

Responsibilities assigned to each role

Sender
- Originate messages
- Provide a password or other means of authentication

MSA - Mail Submission Agent
- Authenticate the Sender
- Manage Sender accounts

Transmitter
- Spam Prevention
  - rate limits, content analysis, alerts
  - respond to spam reports
  - maintain reputation
- Authentication
  - RFC compliance
  - IP authorization (SPF, SID, CSV, ...)
  - signatures & key management (DKIM ...)

Receiver
- Block DoS
- Authenticate Transmitter|Sender
  - HELO, Return Address, Headers, Signature
  - reject forgeries
- Assess reputation
  - whitelist reputable Senders
- Filter spam
- Add authentication headers
- Manage Recipient accounts/options
  - whitelisting, blacklisting, filtering, blocking, forwarding
- Process spam reports

Forwarder
- Authenticate upstream Agent
- Set up forwarding to downstream Agent
  - check RFC compliance
  - set up authentication records
  - submit forwarding request, wait for approval
- Manage Recipient accounts
  - maintain database of forwarding addresses
  - suspend account when a message is rejected
  - communicate w Recipient re  "      "
- Maintain reputation as a trusted Forwarder
  - certifications

MDA - Mail storage and Delivery Agent
- Authenticate upstream Agent
- Sort and store messages
- Provide access for Recipients
  - POP3, IMAP, Webmail
- Manage Recipient accounts/options
- Relay spam reports to Receiver (or don't accept them)

Recipient
- Set up accounts with each Agent
- Select options in each account
- Report spam to Receiver