Another round of the mailserver URL

Paul Hoffman (ietf-lists@proper.com)
Fri, 7 Jul 1995 12:35:25 -0700


Message-Id: <v02120c08ac233a69ad03@[165.227.40.32]>
Date: Fri, 7 Jul 1995 12:35:25 -0700
To: uri@bunyip.com
From: ietf-lists@proper.com (Paul Hoffman)
Subject: Another round of the mailserver URL

Greetings. Based on the discussion of John Klensin's concerns with the
mailserver URL draft, I have revised the draft. I've added comments and
changes for all of his concerns. A big thank you to Larry Masinter for his
constructive criticism.

Please review this new draft so we can be sure it reflects the consensus of
the WG.

--Paul Hoffman
--Proper Publishing

IETF URI Working Group
Internet-Draft
draft-ietf-uri-url-mailserver-02
Expires January 8, 1995

                       Mailserver URL Specification

Status of This Memo

     This document is an Internet-Draft.  Internet-Drafts are working
     documents of the Internet Engineering Task Force (IETF), its
     areas, and its working groups.  Note that other groups may also
     distribute working documents as Internet-Drafts.

     Internet-Drafts are draft documents valid for a maximum of six
     months and may be updated, replaced, or obsoleted by other
     documents at any time.  It is inappropriate to use Internet-
     Drafts as reference material or to cite them other than as
     ``work in progress.''

     To learn the current status of any Internet-Draft, please check
     the ``1id-abstracts.txt'' listing contained in the Internet-
     Drafts Shadow Directories on ftp.is.co.za (Africa),
     nic.nordu.net (Europe), munnari.oz.au (Pacific Rim),
     ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast).

Abstract

A new URL scheme, "mailserver", is defined. It allows mail client
software to create RFC822 mail messages from a URL.

Description

In the URL specification, RFC1738, the "mailto" scheme is defined and is
described as:

     Unlike many URLs, the mailto scheme does not represent a data
     object to be accessed directly; there is no sense in which it
     designates an object.

However, there are many resources on the Internet that can only be
accessed by mail that cannot be described by the mailto scheme. To
access such an object, the mail message must have a specified subject
and/or content. For instance, many mail response servers will return a
file if you send a mail message with the proper request.

The "mailserver" URL has the form:

     mailserver:<rfc822-addr-spec>/<subject>/<body>

Client software would prepare a mail message with the given <subject>
text as the subject header field and the <body> text as the body of the
message. <subject> and <body> may have zero length.

Thus, the "mailto" scheme will be used to give the mailing address of a
person or of a mailserver that requires no subject or message body; the
"mailserver" scheme is used to give a template that will cause the
specified resource to be returned.

The client software is responsible for adding all other appropriate mail
headers, including a correct return address for the user, before
sending the message. The mail client software may do more than this;
for example, the client software might check the configured user ID
using SMTP VRFY before sending a message, or adding other useful
headers such as "Comments" and "Content-id". Note, however, that all
headers must be displayed to the user before sending the message.

The body text may span more than one line. Any "/" character in the body
should be interpreted by the mail client as a CRLF sequence when
translating a URL to a mail message. Client software writers should note
that a mailserver URL might be very long, and that maximum URL lengths
may be specified in the future.

The format of the "mailserver" URL scheme was chosen to match that of
the "mailto" scheme. Further, the common URL syntax was not chosen for
many reasons, notably:
- Port numbers are not appropriate for the "mailserver" URL scheme.
- The host name in a mail address has a different meaning than the host
name for other Internet services (due to the use of MX records in the
DNS for finding the appropriate mail server).

Examples

A URL for a mail response system that requires the name of the file in
the subject might be:

<mailserver:infobot@kwf.com/current-issue/>

A mail response system that requires a "send" request in the body might
have a URL that looks like:

<mailserver:infobot@kwf.com//send%20current-issue>

A similar URL could have two lines with different "send" requests:

<mailserver:infobot@kwf.com//send%20current-issue/send%20index>

The "mailserver" scheme would also help people get another type of
Internet resource, namely mailing lists. For example:

<mailserver:majordomo@kwf.com//subscribe%20bamboo-l>

Encoding

RFC1738 requires that many characters in URLs be encoded. This affects
the mailserver scheme for some common characters that might appear in
subjects or message contents. Two such characters are space (" ", ASCII
hex 20) and forward slash ("/", ASCII hex 2F). Note the examples
above that use "%20" for space in the message body. Note further that an
unencoded forward slash in the body area is to be translated by the mail
client to CRLF.

People creating mailserver URLs must be careful to encode any reserved
characters that are used in the URLs so that properly-written URL
interpreters can read them. Also, client software that reads URLs must
be careful to decode strings before creating the mail message so that
the mail messages appear in a form that the recipient will understand.
These strings should be decoded before showing the user the mesage.

For security reasons, the characters 0A hexadecimal (US-ASCII character
LF), and 0D (US-ASCII character CR) must not be decoded by client
software. To indicate new lines in the body text, a URL should use the
forward slash ("/") character, which client software will translate to
CRLF.

The mailserver URL scheme is limited in that it does not provide for
substitution of variables. Thus, a message body that must include a
user's email address can not be encoded using the mailserver URL. This
limitation also prevents mailserver URLs that are signed with public
keys and other such variable information.

Additional BNF for RFC1738

mailserverurl    = "mailserver:" encoded822addr "/" subject "/" body
subject          = *[uchar]
body             = [body_line] *["/" body_line]
body_line        = *[uchar]

where <encoded822addr> is (the encoding of a) mail address, as
specified in RFC 822.

Security

The mailserver scheme is intended to send a message from one user to
another, and thus can introduce many security concerns. Mail messages
can be logged at the originating site, the recipient site, and
intermediary sites along the delivery path. If the messages are not
encoded, they can also be read at any of those sites.

A mailserver URL gives a template for a message that can be sent by mail
client software. The contents of that template may be opaque or
difficult to read by the user at the time of specifying the URL. Thus,
a mail client should never send a message based on a mailserver URL
without first showing the user the full message that will be sent
(including all headers, including the subject specified in the URL),
fully decoded, and asking the user for approval to send the message as
electronic mail. The mail client should also make it clear that the
user is about to send an electronic mail message, since the user may
not be aware that this is the result of a mailserver URL.

Client software must not decode the characters 0A hexadecimal
(US-ASCII character LF), and 0D (US-ASCII character CR). In the subject
field, such decoding would permit header spoofing; there is no need for
these characters in the body field because of the use of the "/"
character.

Examples of problems with sending unapproved mail include:
- mail that breaks laws upon delivery, such as making illegal threats
- mail that identifies the sender as someone interested in breaking laws
- mail that identifies the sender to an unwanted third party
- mail that causes a financial charge to be incurred on the sender
- mail that causes an action on the recipient machine that causes damage
that might be attributed to the sender

Author contact information:

Paul E. Hoffman
Proper Publishing
127 Segre Place
Santa Cruz, CA  95060 USA
Tel: 408-426-6222
phoffman@proper.com