Draft:  draft-hutzler-spamops-04.txt
Reviewer: Mark Allman 
Date: Wed Jun 29 19:00:56 CEST 2005 

Summary: On the right track, process concerns

Review Comments:
Lucky me, I drew the short straw and was asked to look at this document
that is the subject of a food-fight on ietf at ietf.  Whee!

A couple of caveats, just so we're clear (for any non-gen-art folks who
end up looking at this):

  + I am reading the document without the (ahem) benefit of reading any of
    the discussion on the main IETF list.  I have been busy and just
    have not had time to wade into the proceedings.  Maybe that is a
    good thing anyway.

  + I am reading this document from a general viewpoint, not as someone
    who is intimate with every little detail of email protocols and/or
    current discussions about spam prevention.

So, then the comments...

Basically, I found this document to be nice enough.  I have no problem
with the recommendations in the draft.  They seem like good common sense
sorts of approaches to take.  The draft is well-written and clear.  The
basic point is that there should be ingress filtering on the mail
infrastructure when chatting with mail submitters.  I don't see anything
wrong with that as a BCP sort-of statement.

So, the I have a concern or two, but more about the process and not
about the document...

  * Are there other things that should be included?  E.g., should we be
    recommending against (or for?) blocking of port 25?  Or,
    whatever... like I said, I am not an expert or up-to-date with email
    things.  I'd feel better about the completeness of the document if
    it were solidly reviewed by a few subject matter experts other than
    the authors (who clearly have expertise in this area).  Maybe that
    has happened on the IETF list.

  * A BCP is a statement on behalf of the IETF and given that (a) this
    document did not come from a WG and (b) the level of discussion on
    this i-d on the IETF list I am left wondering if there is really
    consensus here.  Usually I review things from WGs and so I take
    consensus for granted.  And, this is not my call to make.  But, it
    sort of worries me that the IESG is considering this document before
    the document has really been vetted (seemingly).

So, in sum, I think my vote is that the document seems generally OK to
me, yet still not ready for RFC-hood.  Just my perception ...

allman