Re: [ietf-smtp] Variable HELO name, was DSNs

Ned Freed <> Sun, 26 April 2020 14:37 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4A9BE3A0657 for <>; Sun, 26 Apr 2020 07:37:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id QywQROtcgJvx for <>; Sun, 26 Apr 2020 07:37:28 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 818B73A0651 for <>; Sun, 26 Apr 2020 07:37:27 -0700 (PDT)
Received: from by (PMDF V6.1-1 #35243) id <> for; Sun, 26 Apr 2020 07:32:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=201712; t=1587911539; bh=sFne3icNvcgIiEx6IjUsr8NIXSUrBWneoUYN0lSYVec=; h=Cc:Date:From:Subject:In-reply-to:References:To:From; b=SDOydhrfStKk12bTaxRBQobuB0NyVw7zP5yrK5pddI65H0Qngqr3KSEs95BnVymcE LrYaKDUKmkl4HVHkUTA2LPZExtsoIu6/A48Gbif9KRHgfkgD2jT69v1oYes67U9Gc+ NL8THXMxJuErE9bVoOiGHavPGFe2MHMO6csIXs5Q=
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: TEXT/PLAIN; CHARSET=us-ascii
Received: from by (PMDF V6.1-1 #35243) id <>; Sun, 26 Apr 2020 07:32:14 -0700 (PDT)
Message-id: <>
Date: Sun, 26 Apr 2020 07:20:52 -0700 (PDT)
From: Ned Freed <>
In-reply-to: "Your message dated Sun, 26 Apr 2020 12:04:12 +0200" <>
References: <20200409230011.F039B17637D0@ary.qy> <alpine.OSX.2.22.407.2004091945050.80689@ary.qy> <> <> <r7fq4k$1nm5$> <C1A5FAAA942E0F363CA177C0@PSB> <> <> <> <> <> <CCD9771E28F1C5438052BB1A@PSB> <>
To: Alessandro Vesely <>
Archived-At: <>
Subject: Re: [ietf-smtp] Variable HELO name, was DSNs
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 26 Apr 2020 14:37:30 -0000

> On 26/04/2020 00:41, John C Klensin wrote:
> >
> > Suppose there were correspondents, or even domains, for which I have found
> > read receipts useful and something I'm willing to let them use.  So, because
> > of them, I advertise the availability of that feature in the EHLO response.
> > When the MAIL command comes along and doesn't contain that domain or
> > mailbox, I reject the request.  Now, which mailboxes or domains to accept is
> > an operational decision, but the behavior, AFAICT, is fully conforming and
> > it certainly don't mean that the features doesn't work, just that I have an
> > operational policy prohibiting its use in most circumstances.

There are lots of ways to offer NOTIFY=SUCCESS selectively depending on what
you're trying to accomplish. Keeping in mind that it's a RCPT TO parameter,
another possibiity is to only allow it on domains within the ADMD.

Given all the possible uses and ways of authorizing them, it is perhaps better
to focus on the one problematic case: Relay between ADMDs where the server
doesn't trust the client.

> Wow, I never tried that at home!

> A decade ago we fantasized about a Verified Hello, whereby:

>    Non-empty arguments of the MAIL FROM commands are restricted to
>    addresses whose domain part consists of the authenticated Domain.

> Otherwise, the reply code is ambiguous.  For example:

>   4xx HELO name/MAIL FROM inconsistency, try another session.

> AFAIK, the HELO name is practically constant for most mailouts, so the above
> reply will make the relevant message bounce for days, until timeout.

The EHLO name is necessarily consistent with the DNS entries for the client IP.
It most certainly is not reliably the same as the MAIL FROM domain, especially
when operating at scale. And foccing a disconnect/reconnect in such cases is
highly problematic given that we have no means of indicating that's what's
needed, and even if we added one, no existing client would understand it.