IETF Logo Mail Archive

Re: STARTTLS & EHLO

SM <sm@resistor.net> Wed, 28 January 2009 22:55 UTC

Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n0SMtNYD073272 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 28 Jan 2009 15:55:23 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id n0SMtNae073271; Wed, 28 Jan 2009 15:55:23 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smtp@mail.imc.org using -f
Received: from ns1.qubic.net (ns1.qubic.net [208.69.177.116]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n0SMtBxM073264 for <ietf-smtp@imc.org>; Wed, 28 Jan 2009 15:55:22 -0700 (MST) (envelope-from sm@resistor.net)
Received: from subman.resistor.net ([10.0.0.1]) (authenticated bits=0) by ns1.qubic.net (8.14.4.Alpha0/8.14.4.Alpha0) with ESMTP id n0SMt04Q024311 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <ietf-smtp@imc.org>; Wed, 28 Jan 2009 14:55:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=resistor.net; s=mail; t=1233183309; x=1233269709; bh=dkd8OZmaqmBYK+DNfdj6lXWjXL+p8BAZSvNFtSB7cik=; h=Message-Id:Date:To:From:Subject:In-Reply-To:References: Mime-Version:Content-Type:Cc; b=Vx3Y+NRoGmIIPZNlu5WwyngbR0ERUqz2719GA+kVgGipxtf6G2tGoS3yW6jzU3EVN LQeLeNjPJSB4CUh4lf6YTEqFUENJTgGR1YaL4EJUE61vcmRzNQi8gugd4zKI8KHPsG wDXZfSIpBnHotDNyUSTIz+IDZ2RTKqyXUplgMa94=
DomainKey-Signature: a=rsa-sha1; s=mail; d=resistor.net; c=simple; q=dns; b=sz8YV4f/8WdhICoOhsFNcRmexvS++Di/mB4GEeVopdFedhCgs/b7ABrOCPF+X4Pnb Mv/0BMBSM8A6MkgXpn+LkLOi8dX/Sm4RDrvE6+hsEvWCYZXL3lP260cVy/O9LUNfgcO K8mYvoluGEW8LGJCzvziU+DjVhBgM58ONB+mry0=
Message-Id: <6.2.5.6.2.20090128142633.031092d8@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Wed, 28 Jan 2009 14:47:16 -0800
To: ietf-smtp@imc.org
From: SM <sm@resistor.net>
Subject: Re: STARTTLS & EHLO
In-Reply-To: <4980CF1D.4000303@att.com>
References: <497DE492.4080506@pscs.co.uk> <497DED29.70402@att.com> <497ED420.30708@pscs.co.uk> <alpine.LSU.2.00.0901271403220.4546@hermes-2.csi.cam.ac.uk> <497F86CB.60904@att.com> <4980C684.2070300@santronics.com> <4980CF1D.4000303@att.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Sender: owner-ietf-smtp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smtp/mail-archive/>
List-ID: <ietf-smtp.imc.org>
List-Unsubscribe: <mailto:ietf-smtp-request@imc.org?body=unsubscribe>

At 13:33 28-01-2009, Tony Hansen wrote:
>Hector, what started this was a client that doesn't use any other
>extended smtp features beyond STARTTLS. So once it had started up TLS,
>it had no use for the output of EHLO, and consequently it didn't bother
>sending either HELO or EHLO after the STARTTLS. This was fine until it
>ran into a server that demanded that EHLO be sent again. Leading to the
>questions on the table: 1) which interpretation of the spec is correct,
>and 2) what should be done once this is decided?

 From RFC 3207:

  "Upon completion of the TLS handshake, the SMTP protocol is reset to
    the initial state (the state in SMTP after a server issues a 220
    service ready greeting)."

The SMTP Client can either send a HELO or EHLO after that.  As the 
SMTP Client supports the service extension (it would not have been 
able to do a STARTTLS without that), the likely command would be EHLO 
to determine which extensions the SMTP server supports.  If we go to 
RFC 2821, we find that "a client MUST issue HELO or EHLO before 
starting a mail transaction."

Paul Hoffman agreed to make some clarifications a few months ago.

Regards,
-sm

v2.23.0 | Report a Bug | By Email