Network Working Group K. Mimura Request for Comments: 4161 K. Yokoyama Category: Informational T. Satoh K. Watanabe C. Kanaide TOYO Communication Equipment August 2005 Guidelines for Optional Services for Internet Fax Gateways Status of This Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2005). Abstract To allow connectivity between the general switched telephone network facsimile service (GSTN fax) and the e-mail-based Internet Fax service (i-fax), an "Internet Fax Gateway" is required. This document provides guidelines for the optional functionality of Internet Fax Gateways. In this context, an "offramp gateway" provides facsimile data transmission from i-fax to GSTN fax; vice versa, an "onramp gateway" provides data transmission from GSTN fax to i-fax. The recommendations in this document apply to the integrated service including Internet Fax terminals, computers with i-fax software on the Internet, and GSTN fax terminals on the GSTN. This document supplements the recommendation for minimal features of an Internet Fax Gateway. In particular, it covers techniques for dropping duplicated fax messages, automatic fax re-transmission, error, return notice, and log handling, and possible authorization methods by DTMF (Dual Tone Multi-Frequency) for onramp gateways.
1. Introduction An Internet Fax Gateway can be classified as either an offramp gateway or an onramp gateway. This document provides guidelines for optional services and examples of Internet Fax Gateway operations. In particular, it covers techniques for dropping duplicated fax messages, automatic fax re-transmission, error, return notice, and log handling, and possible authorization methods by DTMF (Dual Tone Multi-Frequency) for onramp gateways. A more detailed definition of onramps and offramps is provided in . Recommended behaviors for Internet Fax Gateway functions are defined in . This document provides recommendations only for the specific cases hereunder: 1) the operational mode of the Internet Fax is "store and forward", as defined in Section 2.5 of . 2) The format of image data is the data format defined by "simple mode" in . This document does not apply to the gateway functions for "real-time Internet Fax", as described and defined in . 1.1. Key Words The key words "MUST", "SHOULD", "SHOULD NOT", and "MAY" in this document are to be interpreted as described in . 2. Optional Services for an Offramp Gateway 2.1. Drop Duplicated GSTN Fax Transmission Electronic mail transport agents (MTA) deliver an Internet Fax message into either the recipient's mailbox or an offramp gateway mailbox. Hence, the message is retrieved for further action, which in the case of the offramp gateway, will result in its delivery to the GSTN fax service. The offramp gateway mailbox will thus receive all messages which the gateway will process, regardless of their final, distinct GSTN destinations. As such, addresses like Faxfirstname.lastname@example.org Faxemail@example.com Faxfirstname.lastname@example.org
will all end up in the offramp gateway mailbox corresponding to the "example.com" domain. However, the handling of e-mail messages (including those of Internet Faxes) that contain more than one recipient, but are directed to the same final MTA, can be different, depending on the MTA configuration or features. A single message with multiple recipients in the SMTP envelope  is likely to be the most common case on the mail transport system, but it may happen that multiple copies of the same message are transmitted, one per recipient. Or it may happen that the final MTA is set to deliver a separate copy of the message per recipient into the final mailbox, supposing it is delivering messages to real mailboxes of distinct endusers. Thus, it may happen that the offramp gateway receives multiple copies of the same Internet Fax message that is to be delivered to different GSTN destinations, which are listed together and repeatedly in the e-mail message headers  of the Internet Fax. In such cases, the offramp gateway SHOULD implement techniques to avoid duplicate or multiple transmission over GSTN of the same fax message to the same recipient. Here are some possible, but non-exclusive, examples of these techniques. 2.1.1. SMTP Envelope Addresses Check Using the SMTP  envelope destination address given in the "RCPT TO" field is usually the best technique to ensure that a received message is delivered to that address, and to avoid duplicate deliveries. If the offramp gateway has the "RCPT TO" information still available during processing, then it MUST use it to determine the recipients over GSTN fax service. 2.1.2 Message-ID Check If the SMTP "RCPT TO" information is not available (for example, in the case where the offramp gateway retrieves messages from its mailbox using either POP  or IMAP ), the message header "Message-ID" (see ) MAY be used to check if a message has already been processed, and hence avoid retransmission to all its GSTN recipients handled by the offramp gateway.
2.2. Error Handling 2.2.1. Recoverable Errors Recoverable errors that happen during GSTN transmission are those where there is good chance that the error may not occur at the next attempt. This category includes "busy signal", "no line/carrier signal", etc. For all these errors, the offramp gateway SHOULD re-queue the message and perform a retransmission attempt later on, as specified in Section 2.3. 2.2.2. Non-Recoverable Errors If the error that occurs during GSTN transmission is likely non- recoverable, the offramp gateway SHOULD NOT attempt retransmission, and an error Message Delivery Notification (MDN) with appropriate error codes MUST be generated for the Internet Fax message sender. Examples of non-recoverable errors include paper-related errors (such as a jam, an empty tray, etc.) at a remote device, no response from a remote destination, voice response errors, data modem response errors, and stop event errors. 2.3. Automatic Re-Transmission Handling An offramp gateway SHOULD implement a function that automatically tries to send facsimile data again if recoverable delivery failure occurs. If this function is implemented, then: - the retry times and retry interval MAY be specified as options by the administrator of the offramp gateway; - any error return notice SHOULD be sent only when the maximum number of retries has been completed without success; - if transmission is suspended due to an error, then the subsequent transmission attempt SHOULD avoid retransmitting the pages already delivered successfully, if any. 2.4. Multiple Return Notice Handling An offramp gateway can receive an Internet Fax for delivery to multiple GSTN recipients. If errors occur, which require the Internet Fax sender to be informed about them, or if the Internet Fax sender requested delivery notifications, then the offramp gateway has various ways to handle these multiple return notices:
1) An offramp gateway sends a return notice as soon as an error or a successful delivery occurs, per single GSTN recipient. 2) An offramp gateway gathers all information about the message, but sends a return notice only after all or a number of GSTN recipients have been handled (successfully or not). If Case 2 is implemented, then the offramp gateway MAY also choose to send separate success and failure notices, or to limit the number of GSTN recipients handled per single return note (for example, no more than 10 recipients per return note). 2.5. Handling Transmission Errors for a Return Notice When an offramp gateway fails in the transmission of a return notice, the Internet Fax Gateway SHOULD process the notice in either of the following ways: 1) The return notices SHOULD be re-queued, and delivery retried later. The number of retry attempts and the time interval between them MAY be a feature configured by the offramp gateway administrator. This is the preferred method to implement; however, if all the retransmission attempts fail, processing SHOULD continue as in Case 2. 2) If the gateway does not have enough capabilities to handle notice re-queuing, but has a log information preservation function, the error information SHOULD be recorded to a log, and processing SHOULD end. At this time, the administrator of the gateway system SHOULD be notified of these errors using a specific method (for example, by an e-mail message). 3) If the gateway does not even have a log information preservation function, the administrator SHOULD be notified about the failure (for example, via an e-mail message), and processing SHOULD end. 2.6. Offramp Gateway Log An offramp gateway SHOULD have a function that keeps information listed as a log, either specific to the fax gateway or in a log file that exists locally on the gateway or remotely. If the fax gateway or the remote system are equipped with recording media, the log information SHOULD be saved as a log file. As a last resort, if no recording media are available, the log MAY be printed.
The information listed in the log MAY be the following: - Date and time when the Internet Fax is received - Sender address - Recipient address(es) - Start date and time of transmission over GSTN - End date and time of transmission over GSTN - Number of actually transmitted pages - Number of actually transmitted bytes - Fax resolution used - Error codes/text that occurred during transmission - Number of transmission attempts (retries) - Date and time of transmission of the (eventual) delivery notice 3. Optional Services for an Onramp Gateway 3.1. Examples of User Authorization An onramp gateway MAY have a user authorization function to confirm that the user is authorized to transmit a facsimile into the Internet fax service. For example, user authorization may be accomplished by getting a user ID and password received by DTMF, or via a local authorization table based on the GSTN caller-ID. The following subsections give some possible examples, but other methods are also possible. 3.1.1. Authorization via GSTN Caller-ID The most simple method to authenticate and authorize a GSTN fax service user is to use the GSTN caller-ID. If available, in fact, the caller-ID is generated by the GSTN network service itself, and it is quite difficult to produce fake caller-IDs. In other words, the security related to this authentication method relies on the confidence that the GSTN caller-ID service is secure by itself. The GSTN sender MAY be authorized via a lookup into a table managed by the onramp gateway administrator, via complete or partial (wildcard) matches. 3.1.2. Authorization via GSTN Fax "Station ID" During the initial GSTN fax service negotiation, the sender fax can send various information to the onramp gateway, including the "station ID" alphanumeric string. This string MAY be used to transmit authentication and authorization information for subsequent lookup by the onramp gateway. Thus, user ID and an eventual password MAY be sent inside this string.
However, if used as the only authentication, this method is much less secure than the caller-ID one because the user of the calling GSTN station can decide which string to send, and the string travels in clear form over the GSTN. Given this security warning, this method allows more flexibility to the GSTN user: in fact, it is not tied to a single GSTN fax terminal, and authorization can be obtained from anywhere, provided the sender has the possibility to configure the "station ID" on the device being used. A combination of caller-ID and station ID checks MAY, on the other hand, result in a greatly improved level of security. 3.1.3. Authorization via DTMF An onramp gateway MAY implement the Authorization function by requesting that a user ID and password information are sent over GSTN via DTMF. For example, this function MAY be accomplished by requesting that the DTMF information is sent immediately after the connection over GSTN is established, before starting the GSTN fax negotiation; but other methods are also possible. 3.2. Onramp Gateway Log An onramp gateway SHOULD have a function that keeps information listed as a log, either specific to the fax gateway or in a log file that exists locally on the gateway or remotely. If the fax gateway or the remote system are equipped with recording media, the log information SHOULD be saved as a log file. As a last resort, if no recording media are available, the log MAY be printed. The information listed in the log MAY be the following: - Start date and time of transmission from GSTN - End date and time of transmission from GSTN - Number of actually received pages - Number of actually received bytes - Fax resolution used - Sender address (if available) - Recipient address(es) - Date and time when the Internet Fax is sent - Error codes/text that occurred during Internet Fax transmission - Number of transmission attempts (retries) - Date and time of transmission of the (eventual) delivery notice
4. Security Considerations Refer to Section 3.1 ("User Authorization") for authentication for an onramp gateway. In particular, sending user IDs and passwords in clear, as described in Section 3.1.2, can pose high security risks, and thus is NOT RECOMMENDED. S/MIME  and OpenPGP  can also be used to encrypt an Internet Fax message. A signed or encrypted message is protected while transported along the network; however, when a message reaches an Internet Fax Gateway, either onramp or offramp, this kind of protection cannot be applied anymore. In this situation, security must rely on trusted operations of the gateway itself. A gateway might have its own certificate/key to improve security operations when sending Internet Faxes, but, as with any gateway, it breaks the end-to-end security pattern of both S/MIME and OpenPGP. Other security mechanisms, like IPsec  or TLS  also do not ensure a secure gateway operation. Denial-of-service attacks are beyond the scope of this document. Host compromise caused by flaws in the implementation is beyond the scope of this document. 5. Acknowledgments Thanks to Claudio Allocchio (Consortium GARR, Italy) for its final review of this document, and for contributing the authorization and security sections of this document. 6. References 6.1. Informative References  Masinter, L., "Terminology and Goals for Internet Fax", RFC 2542, March 1999.  Housley, R., "Cryptographic Message Syntax (CMS)", RFC 3852, July 2004.  Callas, J., Donnerhacke, L., Finney, H., and R. Thayer, "OpenPGP Message Format", RFC 2440, November 1998.  Kent, S. and R. Atkinson, "Security Architecture for the Internet Protocol", RFC 2401, November 1998.
 Kent, S. and R. Atkinson, "IP Authentication Header", RFC 2402, November 1998.  Ramakrishnan, K., Floyd, S., and D. Black, "The Addition of Explicit Congestion Notification (ECN) to IP", RFC 3168, September 2001.  Piper, D., "The Internet IP Security Domain of Interpretation for ISAKMP", RFC 2407, November 1998.  Thayer, R., Doraswamy, N., and R. Glenn, "IP Security Document Roadmap", RFC 2411, November 1998.  Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J., and T. Wright, "Transport Layer Security (TLS) Extensions", RFC 3546, June 2003.  Elkins, M., Del Torto, D., Levien, R., and T. Roessler, "MIME Security with OpenPGP", RFC 3156, August 2001.  Rescorla, E., "Diffie-Hellman Key Agreement Method", RFC 2631, June 1999.  Ramsdell, B., "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Certificate Handling", RFC 3850, July 2004.  Ramsdell, B., "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Message Specification", RFC 3851, July 2004.  Hoffman, P., "Enhanced Security Services for S/MIME", RFC 2634, June 1999. 6.2. Normative References  Mimura, K., Yokoyama, K., Satoh, T., Kanaide, C., and C. Allocchio, "Internet Fax Gateway Requirements", RFC 4160, August 2005.  Toyoda, K., Ohno, H., Murai, J., and D. Wing, "A Simple Mode of Facsimile Using Internet Mail", RFC 3965, December 2004.  Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.  "Procedures for real-time Group 3 facsimile communication over IP networks", ITU-T Recommendation T.38, June 1998.
 Klensin, J., "Simple Mail Transfer Protocol", RFC 2821, April 2001.  Resnick, P., "Internet Message Format", RFC 2822, April 2001.  Myers, J. and M. Rose, "Post Office Protocol - Version 3", STD 53, RFC 1939, May 1996.  Crispin, M., "Internet Message Access Protocol - Version 4rev1", RFC 3501, March 2003.
Authors' Addresses Katsuhiko Mimura TOYO Communication Equipment CO., LTD. 2-1-1 Koyato, Samukawa-machi, Koza-gun Kanagawa-pref., Japan Fax: +81 467 74 5743 EMail: email@example.com Keiichi Yokoyama TOYO Communication Equipment CO., LTD. 2-1-1 Koyato, Samukawa-machi, Koza-gun Kanagawa-pref., Japan Fax: +81 467 74 5743 EMail: firstname.lastname@example.org Takahisa Satoh TOYO Communication Equipment CO., LTD. 2-1-1 Koyato, Samukawa-machi, Koza-gun Kanagawa-pref., Japan Fax: +81 467 74 5743 EMail: email@example.com Ken Watanabe TOYO Communication Equipment CO., LTD. 2-1-1 Koyato, Samukawa-machi, Koza-gun Kanagawa-pref., Japan Fax: +81 467 74 5743 EMail: firstname.lastname@example.org Chie Kanaide TOYO Communication Equipment CO., LTD. 2-1-1 Koyato, Samukawa-machi, Koza-gun Kanagawa-pref., Japan Fax: +81 467 74 5743 EMail: email@example.com
Full Copyright Statement Copyright (C) The Internet Society (2005). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf- firstname.lastname@example.org. Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society.