Re: STARTTLS & EHLO: Errata text?

Tony Finch <dot@dotat.at> Sun, 01 February 2009 17:14 UTC

Date: Sun, 01 Feb 2009 17:14:20 +0000
From: Tony Finch <dot@dotat.at>
To: Hector Santos <hsantos@santronics.com>
cc: ietf-smtp@imc.org
Subject: Re: STARTTLS & EHLO: Errata text?

On Sat, 31 Jan 2009, Hector Santos wrote:
>
> So the one question I did have was the response code from the server.  As
> shown, the server issued 550. It was something:
>
>    [TLS established]
>    C: MAIL FROM <xxxx>
>    S: 550 EHLO/HELO required.
>
> Shouldn't the server response be 503 (Bad Sequence of commands)?

Probably. The server in question (Exim) does not have this check
hard-coded. Instead, it has a very general-purpose "ACL" facility for
scripting SMTP-time checks. This allows admins to implement all sorts of
things, including checking that HELO or EHLO has been issued before a MAIL
transaction - which is in fact one of the more popular checks. Hence the
response code is a 550 policy failure code rather than something relating
more directly to the SMTP state machine.

> If so, should this be stated in the revised text?

Not in 3207 - this requirement is inherited from 5321.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS.
MODERATE OR GOOD.
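
Added example, not part of the original message and not Exim code or Exim ACL syntax: a toy SMTP receiver showing why the same missing-EHLO condition after STARTTLS surfaces as 550 when it is caught by an admin-scripted policy check and as 503 when it is caught by a hard-coded sequence check. The names Session, require_helo, strict_sequence and replay are hypothetical, the reply texts other than the 550 line are constructed, and the sample sessions are constructed.

```python
# Toy SMTP receiver (added illustration; not Exim code or Exim ACL syntax).

def require_helo(session):
    """Hypothetical admin-written policy check, run when MAIL arrives."""
    return None if session.helo_name else "EHLO/HELO required"

class Session:
    def __init__(self, mail_acl=None, strict_sequence=False):
        self.helo_name = None                   # set by HELO/EHLO
        self.tls = False
        self.mail_acl = mail_acl                # scripted policy hook (assumption)
        self.strict_sequence = strict_sequence  # hard-coded state check (assumption)

    def command(self, line):
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            self.helo_name = arg or None
            return "250 OK" if arg else "501 Syntax error"
        if verb == "STARTTLS":
            # RFC 3207: knowledge gained before TLS, such as the EHLO
            # argument, is discarded once the handshake completes.
            self.tls, self.helo_name = True, None
            return "220 Ready to start TLS"
        if verb == "MAIL":
            # A state-machine check answers with a sequence error ...
            if self.strict_sequence and self.helo_name is None:
                return "503 Bad sequence of commands"
            # ... while a policy hook can only produce a policy rejection.
            if self.mail_acl:
                reason = self.mail_acl(self)
                if reason:
                    return "550 " + reason
            return "250 OK"
        return "500 Command unrecognized"

def replay(session, lines):
    """Feed client lines to a session and collect the server replies."""
    return [session.command(line) for line in lines]

# Constructed client sessions: without and with a second EHLO after STARTTLS.
NO_REHELO = ["EHLO client.example", "STARTTLS", "MAIL FROM:<user@example.org>"]
WITH_REHELO = NO_REHELO[:2] + ["EHLO client.example"] + NO_REHELO[2:]

if __name__ == "__main__":
    print(replay(Session(mail_acl=require_helo), NO_REHELO))
    print(replay(Session(strict_sequence=True), NO_REHELO))
    print(replay(Session(mail_acl=require_helo), WITH_REHELO))
```

When reading receiver logs, a 550 on MAIL immediately after a TLS handshake can therefore be a client that skipped the second EHLO rather than a sender or content rejection.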