Re: [Emailcore] Ticket #5: G.5. Remove or deprecate the work-around from code 552 to 452?
Viktor Dukhovni <ietf-dane@dukhovni.org> Thu, 11 March 2021 23:29 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: emailcore@ietfa.amsl.com
Delivered-To: emailcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 778503A138B for <emailcore@ietfa.amsl.com>; Thu, 11 Mar 2021 15:29:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 54pLB-GWS-oc for <emailcore@ietfa.amsl.com>; Thu, 11 Mar 2021 15:29:56 -0800 (PST)
Received: from straasha.imrryr.org (straasha.imrryr.org [100.2.39.101]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D71C3A1384 for <emailcore@ietf.org>; Thu, 11 Mar 2021 15:29:56 -0800 (PST)
Received: from [192.168.1.177] (unknown [192.168.1.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by straasha.imrryr.org (Postfix) with ESMTPSA id CADEECC951 for <emailcore@ietf.org>; Thu, 11 Mar 2021 18:29:55 -0500 (EST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\))
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
In-Reply-To: <9A7BDB22F3A0396EF24BF91D@PSB>
Date: Thu, 11 Mar 2021 21:29:55 -0200
Content-Transfer-Encoding: 7bit
Reply-To: emailcore@ietf.org
Message-Id: <5772045E-2EB3-44B7-BCA8-0135DF809C62@dukhovni.org>
References: <ca851fda-63ac-8739-c3eb-bde725aa25f3@isode.com> <c188413b-9337-40d8-8062-9c0f58f6cd98@www.fastmail.com> <CAHej_8kHwEOmq5bf49=Tt6ZEVkuidMhy5s4XPu7JC+k22qraZg@mail.gmail.com> <CAHej_8ma-kDkVh3Oj11R5Fn6BbwJsWfFpx0Zqv61fPL35CJNUA@mail.gmail.c om> <0F2370D0-D04C-45A1-A5A1-8FF1F174FFE5@dukhovni.org> <CAHej_8=deJU1CW2AzDBu5ji3Uir+_zF6Gp59Z-hHRmRipz8Osw@mail.gmail.com> <9A7BDB22F3A0396EF24BF91D@PSB>
To: emailcore@ietf.org
X-Mailer: Apple Mail (2.3654.60.0.2.21)
Archived-At: <https://mailarchive.ietf.org/arch/msg/emailcore/i6T9svsNLj-vJe59LFr5YDag0nE>
Subject: Re: [Emailcore] Ticket #5: G.5. Remove or deprecate the work-around from code 552 to 452?
X-BeenThere: emailcore@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EMAILCORE proposed working group list <emailcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emailcore>, <mailto:emailcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emailcore/>
List-Post: <mailto:emailcore@ietf.org>
List-Help: <mailto:emailcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emailcore>, <mailto:emailcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Mar 2021 23:29:59 -0000
> On Mar 11, 2021, at 7:18 PM, John C Klensin <john-ietf@jck.com> wrote: > > That suggests that, if changes are needed, there are probably > three of them, the first two in the third paragraph of that > section ("If an SMTP server has..."), not in the first one: > > (1) As I have suggested elsewhere, more explanatory > cross-references in this over-complicated document would be a > good idea. So: > > OLD: > If an SMTP server has an implementation limit on the > number of RCPT commands and this limit is exhausted, > > NEW/PROPOSED: > If an SMTP server has an implementation limit on the > number of RCPT commands and this limit is exhausted (See > Section 7.8), I am having trouble piecing together the fragments here, with context not present in this message. Therefore, I am posting a proposed update with commentary: 4.5.3.1.10. Too Many Recipients Code <quote 1> RFC 821 [1] incorrectly listed the error where an SMTP server exhausts its implementation limit on the number of RCPT commands ("too many recipients") as having reply code 552. The correct reply code for this condition is 452. </quote 1> The above is correct and needs no changes. <quote 2> Clients SHOULD treat a 552 code in this case as a temporary, rather than permanent, failure so the logic below works. </quote 2> The above is not followed by any of the major MTAs (Exim, Postfix, or Sendmail, nor any others reported). It MUST be scrapped. If the server responds with 552, the recipient in question will almost always be immediately bounced by the sending client. Note, that the 552 in reply to "RCPT" will not be taken to mean anything about the message as a whole, earlier or subsequent recipients. If any recipients are ultimately not rejected the partially accepted message envelope will be relayed by the client unless the server rejects the "DATA" command. There are no clients that abort the MAIL transaction to start again with smaller recipient batches. Some could take 552 (when not too deeply pipelined) as a single to defer even recipients not yet mentioned, that'd be fine. I don't know of any that do that. Instead clients typically limit the number of recipients per envelope to somewhere south of 100 (perhaps hand-tuned for mail destined to some of the 800lb gorilla providers), and just send all the RCPT commands they intended to send, with perhaps the tail of the list ending up deferred. <quote 3> When a conforming SMTP server encounters this condition, it has at least 100 successful RCPT commands in its recipients buffer. If the server is able to accept the message, then at least these 100 addresses will be removed from the SMTP client's queue. </quote 3> I wish that were true. It would certainly aid interoperability. But the said 800lb gorilla providers have felt free to dictate arbitrary limits below the RFC requirements, and the rest of us have needed to make adjustments if we want to deliver list mail to these players. So long as the server is willing to defer (4XX) 100-N recipients or more without prejudicing any it already accepted, it will interoperate with clients that expect to be able to send up to 100, despite the lower limit. If a server both sets a lower limit, and prevents clients that overshoot that limit from sending even the initially accepted recipients, then the server is outside the interoperability regime defined by the specification. Email to the server will only work if clients are willing to hand-tune their MTAs for the server in question. Such hand-tuning is not always possible by server name or IP (in Postfix we can only hand tune envelope recipient counts by destination domain, before the domain's MX hosts are known). Therefore, such servers are particularly likely to impede email delivery when acting as MX hosts for a large and varying set of email domains. <quote 4> When the client attempts retransmission of those addresses that received 452 responses, at least 100 of these will be able to fit in the SMTP server's recipients buffer. Each retransmission attempt that is able to deliver anything will be able to dispose of at least 100 of these recipients. </quote 4> Largely correct, except that again with the 800lb crowd the actual number may be well south of 100. And yet even the 800 pounders should not feel quite so much at liberty to violate the specs. Don't know what other MTAs, but Postfix expects the server (by default) to accept 50 recipients without friction. Another reason for fewer than 100 is when servers want have the envelope split by some server-specific classification of recipients, that may affect recipient-specific downstream content transformations. In such a case the server might 452 every recipient in a class that is different from that of the first accepted recipient. The remaining recipient classes would then need to be tried in a separate transaction. Such a policy is risky when the number of distinct recipient classes is more than a "handful", as a message sent to a large list may then require more retries than a client is able to schedule before the message expires. On the other hand, messages with a large number recipients are most often sent by mailing-list software that does automated bounce processign, and arranges for each recipient to be associated with a separate envelope sender address, so that bounces can be tracked back to the intended recipient. Only large mailings by an occasional human to a large list of friends, romans, countrymen, ... <quote 5> If an SMTP server has an implementation limit on the number of RCPT commands and this limit is exhausted, it MUST use a response code of 452 (but the client SHOULD also be prepared for a 552, as noted above). </quote 5> Yes, the server MUST respond with 452 when the intent is to have the client "split the envelope", and send the remaining recipients that were not accepted in a separate batch. If, on the other hande, based on the sequence of presented recipient addresses the server has somehow concluded that the client is a spammer, it can of course with full knowledge of the fact that the recipients will NOT be retried, send 552 or better yet at that point, 554. <quote 6> If the server has a configured site-policy limitation on the number of RCPT commands, it MAY instead use a 5yz response code. In particular, if the intent is to prohibit messages with more than a site-specified number of recipients, rather than merely limit the number of recipients in a given mail transaction, it would be reasonable to return a 503 response to any DATA command received subsequent to the 452 (or 552) code or to simply return the 503 after DATA without returning any previous negative response. </quote 6> This is problematic and generally pointless. It serves no purpose and breaks interoperability. Clients can always send multiple copies in separate envelopes, so such absolute limits (below 100) damage interoperability and don't achieve the desired goal of actually stopping the same message arriving to more than a given number of recipients. The solution is quite simple delete the above text, the overall picture is much simpler. Respond with 4XX to defer and 5XX to permanently reject a given RCPT. There's no reason for the specification to dwell on all the creative ways in which a decision to reject might be made. The key thing in this section is to specify that "452" MUST be used when the client should retry the recipient separately because too many were sent so far to process in a single batch on the server. The number of "452" replies the server is willing to send without blocking message delivery or imposing punitive delays that'll prevent transaction completion needs to be at least 100 minus the number of initially accepted recipients. -- Viktor.
- [Emailcore] Ticket #5: G.5. Remove or deprecate t… Alexey Melnikov
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Alessandro Vesely
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Alexey Melnikov
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Jeremy Harris
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Jeremy Harris
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Michael Peddemors
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Michael Peddemors
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Todd Herr
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Jeremy Harris
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Todd Herr
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Viktor Dukhovni
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Todd Herr
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… John C Klensin
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Jeremy Harris
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Viktor Dukhovni
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… John C Klensin
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Viktor Dukhovni
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… John C Klensin
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Viktor Dukhovni
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… John C Klensin
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Viktor Dukhovni
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Jeremy Harris
- [Emailcore] Proposed ESMTP keyword RCPTLIMIT Jeremy Harris
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Dave Crocker
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Jeremy Harris
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Dave Crocker
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Todd Herr
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Viktor Dukhovni
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Laura Atkins
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Dave Crocker
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Brotman, Alex
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Dave Crocker
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Michael Peddemors
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT John Levine
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Laura Atkins
- Re: [Emailcore] Proposed ESMTP keyword RCPTLIMIT Ned Freed
- Re: [Emailcore] [ietf-smtp] Proposed ESMTP keywor… Rolf E. Sonneveld
- Re: [Emailcore] [ietf-smtp] Proposed ESMTP keywor… Ned Freed
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Alexey Melnikov
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Alexey Melnikov
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Hector Santos
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… John C Klensin
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… John C Klensin
- Re: [Emailcore] Ticket #5: G.5. Remove or depreca… Hector Santos