Re: [apps-discuss] Comments on Malformed Message BCP draft

Tony Finch <> Mon, 18 April 2011 19:13 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8EB0DE0741 for <>; Mon, 18 Apr 2011 12:13:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -5.157
X-Spam-Status: No, score=-5.157 tagged_above=-999 required=5 tests=[AWL=1.442, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 9DVFkrxCVAg1 for <>; Mon, 18 Apr 2011 12:13:35 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id A4B6DE0694 for <>; Mon, 18 Apr 2011 12:13:35 -0700 (PDT)
X-Cam-AntiVirus: no malware found
X-Cam-SpamDetails: not scanned
Received: from ([]:36445) by ( []:25) with esmtpa (EXTERNAL:fanf2) id 1QBtt6-0005BU-Pu (Exim 4.72) (return-path <>); Mon, 18 Apr 2011 20:13:32 +0100
Received: from fanf2 (helo=localhost) by ( with local-esmtp id 1QBtt6-0006Dj-0V (Exim 4.67) (return-path <>); Mon, 18 Apr 2011 20:13:32 +0100
Date: Mon, 18 Apr 2011 20:13:32 +0100
From: Tony Finch <>
In-Reply-To: <>
Message-ID: <>
References: <> <> <> <> <3111.1302886222.968467@puncture> <> <>
User-Agent: Alpine 2.00 (LSU 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: Tony Finch <>
Cc: ietf-822 <>, General discussion of application-layer protocols <>
Subject: Re: [apps-discuss] Comments on Malformed Message BCP draft
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 18 Apr 2011 19:13:36 -0000 <> wrote:
> And it isn't a binary choice between rejection and fixup either. What sort of
> fixup makes sense can change over time.

The draft suggests an intermediate option, which is to process the message
using a grammar with more lenient handling of error cases but to pass on
the message unchanged (if it gets passed on). A lot of the risk comes
from doing this (or rather, from doing this inconsistently). I think I'd
like to make a distinction between a relay (which is transparent) and a
security gateway (which does fixups). They should have consistent
behaviour, by which I mean that if a transparent relay is presented with a
corrupt message, it should treat it in the same way as a standard parser
would treat the same message after it has been fixed up by a security

Whether a message gets rejected or not is a somewhat different matter. I
think submission servers can and should be a lot stricter than an MX can
be. Either way, every system needs to parse borderline cases more

f.anthony.n.finch  <>
Rockall, Malin, Hebrides: South 5 to 7, occasionally gale 8 at first in
Rockall and Malin, veering west or northwest 4 or 5, then backing southwest 5
or 6 later. Rough or very rough. Occasional rain. Moderate or good,
occasionally poor.