[ietf-smtp] FYI: Postfix rationale for delaying various policy checks to RCPT TO
Viktor Dukhovni <ietf-dane@dukhovni.org> Mon, 16 December 2019 05:45 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: ietf-smtp@ietfa.amsl.com
Delivered-To: ietf-smtp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 33B65120024 for <ietf-smtp@ietfa.amsl.com>; Sun, 15 Dec 2019 21:45:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Lw0m85zPwF2P for <ietf-smtp@ietfa.amsl.com>; Sun, 15 Dec 2019 21:45:30 -0800 (PST)
Received: from straasha.imrryr.org (straasha.imrryr.org [100.2.39.101]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 178F51200B5 for <ietf-smtp@ietf.org>; Sun, 15 Dec 2019 21:45:29 -0800 (PST)
Received: by straasha.imrryr.org (Postfix, from userid 1001) id 00C034E6E6; Mon, 16 Dec 2019 00:45:27 -0500 (EST)
Date: Mon, 16 Dec 2019 00:45:27 -0500
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: ietf-smtp@ietf.org
Message-ID: <20191216054527.GF11489@straasha.imrryr.org>
Reply-To: ietf-smtp@ietf.org
References: <20191215222928.9DE5A1164C5A@ary.qy> <754203.1576450681@turing-police> <alpine.OSX.2.21.99999.374.1912151831300.63353@ary.qy> <18926580F5114CCCADABE398@PSB>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <18926580F5114CCCADABE398@PSB>
User-Agent: Mutt/1.12.2 (2019-09-21)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/LG6McCSO6hx3aQuHSeaI9bNU2ao>
Subject: [ietf-smtp] FYI: Postfix rationale for delaying various policy checks to RCPT TO
X-BeenThere: ietf-smtp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <ietf-smtp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-smtp/>
List-Post: <mailto:ietf-smtp@ietf.org>
List-Help: <mailto:ietf-smtp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Dec 2019 05:45:32 -0000
On Sun, Dec 15, 2019 at 11:12:21PM -0500, John C Klensin wrote:
[ On the ietf general list ]
> [...] and, while the specification arguably permits it, accepting the
> EHLO and then rejecting the mail transaction only after processing the
> MAIL and at least one RCPT command is probably at least in bad taste.
FWIW, that particular feature has some careful reasoning behind it:
http://www.postfix.org/postconf.5.html#smtpd_delay_reject
smtpd_delay_reject (default: yes)
Wait until the RCPT TO command before evaluating
$smtpd_client_restrictions, $smtpd_helo_restrictions and
$smtpd_sender_restrictions, or wait until the ETRN command
before evaluating $smtpd_client_restrictions and
$smtpd_helo_restrictions.
This feature is turned on by default because some clients
apparently mis-behave when the Postfix SMTP server rejects
commands before RCPT TO.
The default setting has one major benefit: it allows Postfix to
log recipient address information when rejecting a client
name/address or sender address, so that it is possible to find
out whose mail is being rejected.
When an SMTP server returns 5XX in either the greeting or in response to
EHLO, some clients treat that as a connection setup failure, not a
permanent message delivery failure, and move on to the next MX host, and
perhaps ultimately defer and retry the message:
smtp_skip_5xx_greeting (default: yes)
Skip remote SMTP servers that greet with a 5XX status code.
By default, the Postfix SMTP client moves on the next mail
exchanger. Specify "smtp_skip_5xx_greeting = no" if Postfix
should bounce the mail immediately.
The reason for that was that at least at the time, various Microsoft
SMTP servers woul return 5XX greetings under transient high load.
Consequently, Postfix itself is one of the clients that treats
5XX as temporary failures in greetings (though not in EHLO).
Thus client-IP access control rules that would naïvely run at "CONNECT",
are by default deferred to RCPT TO, along with the rules that restrict
"EHLO" and "MAIL".
--
Viktor.
- [ietf-smtp] FYI: Postfix rationale for delaying v… Viktor Dukhovni
- [ietf-smtp] Semantics of 554 greeting? (Clarify i… Viktor Dukhovni