Re: [ietf-smtp] [Emailcore] Proposed ESMTP keyword RCPTLIMIT

Ned Freed <> Tue, 20 April 2021 14:45 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id BDD743A2693 for <>; Tue, 20 Apr 2021 07:45:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id K_bHyZsnDuIW for <>; Tue, 20 Apr 2021 07:45:33 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id AB1FA3A2692 for <>; Tue, 20 Apr 2021 07:45:33 -0700 (PDT)
Received: from by (PMDF V6.1-1 #35243) id <> for; Tue, 20 Apr 2021 07:40:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=201712; t=1618929613; bh=HENwSL9m66kfQ7pZr4jRqctPWC1AQdKVVpfJ4gPZ9yk=; h=Cc:Date:From:Subject:In-reply-to:References:To:From; b=hiV/6gsT3dokluW4ntg+KcpXWaXXGbyT203BI7ErRJMm4yw+3dezBaSFy2Md5uXzy gG+LvqO2qUTYdq4mYaL4hOtJ/ImzGhx9iHZqU5HEYEp50yUuOmIcoZeNjeGS1tjzQe JXfx+vE/3+Fyz7rzNEBjBwEPAaj56VwasKgIjTws=
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Received: from by (PMDF V6.1-1 #35243) id <>; Tue, 20 Apr 2021 07:40:10 -0700 (PDT)
Message-id: <>
Date: Tue, 20 Apr 2021 07:28:03 -0700 (PDT)
From: Ned Freed <>
In-reply-to: "Your message dated Tue, 20 Apr 2021 15:19:15 +0100" <>
References: <> <20210315234648.563C0708B340@ary.qy> <> <> <> <> <> <>
To: Richard Clayton <>
Archived-At: <>
Subject: Re: [ietf-smtp] [Emailcore] Proposed ESMTP keyword RCPTLIMIT
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 20 Apr 2021 14:45:39 -0000

> As you will know, the highest volume receivers have complex machine
> learning systems which can -- after a number of messages -- come to the
> conclusion that sending a SYN-ACK at the start was somewhat of a
> mistake... use of resources is more efficient if you make such senders
> (which dominate) start at the beginning again and you just refuse to let
> them connect "ever again".

True, but it's also the case that such conclusions can be reached
by an all-too-human staff; no fancy ML required.

> > From an engineering standpoint the overhead of 5xx-ing a small number of
> > emails per session once the sender is understood to be bad may be a
> > reasonable tradeoff compared with the complexity of chasing round all of
> > your servers (of which you have rather more than one or two) identifying
> > which open connections should be aborted.

Especially since you can do it at the MAIL FROM, and if the sender proceeds to
send the message anyway or otherwise misbehave rely on the server's built-in
logic to deal with that.

(We actually support both approaches.)

> Other (related) considerations apply to email submitted over
> authenticated connections (you may realise as the email piles up that it
> is likely that the credentials are being misused)

> > What we should be doing is figuring out how to make these limits more clear to
> > senders.

> as I observed before -- don't expect much more than a generic statement
> (which comes down to "sending N good emails is the most you can expect
> to be able to manage") from such systems. Anything which revealed the
> current view ("actually, you've pretty much exhausted our patience")
> just is not going to happen (IMO)

I don't really understand the concern here, and more importantly, how to address
it. Any time you connect to someone else's SMTP server there's a implicit
understanding that it will only accept what you send as long as you send what it
considers to be good stuff. The LIMITS extension operates within this context;
all it does is let the server add to the client's understand of what's
acceptable; in no way does it change that basic understanding.