Email security/Bibliography

BCPs relevant to email security
Standards specify what is needed for interoperability of systems on the Internet. Adding to these standards what is needed to deal with current security threats would make the standards too complex, less permanent, and even controversial. Most of the IETF recommendations relevant to email security are found in a series of documents called Best Current Practices (BCPs).

BCP Index, Latest list of RFCs approved as Best Current Practice documents.

BCP-30, RFC-2505, "Anti-Spam Recommendations for SMTP MTAs", G.Lindberg (1999).

BCP-38, RFC-2827, "Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing", P.Ferguson, D.Senie (2000).

BCP-46, RFC-3013, "Recommended Internet Service Provider Security Services and Procedures", T.Killalea (2000).

BCP-134, RFC-5068, "Email Submission Operations: Access and Accountability Requirements", C. Hutzler, D. Crocker, P. Resnick, E. Allman, T. Finch (2007).

Standards track RFCs relevant to email security
RFC-4409, "Message Submission for Mail", R. Gellens, J. Klensin (2006).

RFC-5321, "Simple Mail Transfer Protocol", J. Klensin, ed. (2008).