Re: RFC 5321bis / 2821ter
Paul Smith <paul@pscs.co.uk> Thu, 29 January 2009 17:40 UTC
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n0THe596031014 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 29 Jan 2009 10:40:05 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id n0THe5HP031013; Thu, 29 Jan 2009 10:40:05 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smtp@mail.imc.org using -f
Received: from mail.pscs.co.uk (mail.pscs.co.uk [77.240.14.73]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n0THe36Y031004 for <ietf-smtp@imc.org>; Thu, 29 Jan 2009 10:40:04 -0700 (MST) (envelope-from paul@pscs.co.uk)
Received: from lmail.pscs.co.uk ([62.3.195.6]) by mail.pscs.co.uk ([77.240.14.73] running VPOP3) with ESMTP; Thu, 29 Jan 2009 17:40:02 -0000
Received: from [192.168.66.101] ([192.168.66.101]) by lmail.pscs.co.uk ([192.168.66.70] running VPOP3) with ESMTP; Thu, 29 Jan 2009 17:36:27 -0000
Message-ID: <4981E916.2040805@pscs.co.uk>
Date: Thu, 29 Jan 2009 17:36:22 +0000
From: Paul Smith <paul@pscs.co.uk>
User-Agent: Thunderbird 2.0.0.19 (Windows/20081209)
MIME-Version: 1.0
To: John C Klensin <john+smtp@jck.com>
CC: Alessandro Vesely <vesely@tana.it>, ietf-smtp@imc.org
Subject: Re: RFC 5321bis / 2821ter
References: <4979D903.1060705@pscs.co.uk> <E5EF288BD222F5BA20C735BD@PST.JCK.COM> <497980AA.2060706@es2eng.com> <C4ZHRHThnSMjwwDOZ03z0w.md5@lochnagar.oryx.com> <4979B5F2.9010102@pscs.co.uk> <WBwvOp9JIdw2SWc1HYscRg.md5@lochnagar.oryx.com> <4979D903.1060705@pscs.co.uk> <5.2.1.1.0.20090123140212.03ed3fb0@plus.pop.mail.yahoo.com> <51104ACCD26E8167A1B3981E@PST.JCK.COM> <497D8756.5030306@pscs.co.uk> <alpine.LSU.2.00.0901261913140.4795@hermes-2.csi.cam.ac.uk> <497ED51D.9040407@pscs.co.uk> <497EE0EA.6080704@tana.it> <497EEB01.8060300@pscs.co.uk> <497F41FB.7060101@tana.it> <497F4765.6070109@pscs.co.uk> <497F7058.90109@santronics.com> <498025E0.7080802@pscs.co.uk> <49809046.101@santronics.com> <49816FD7.1040609@pscs.co.uk> <4981CB21.7080801@tana.it> <329705CBE49F16B7218F4E32@PST.JCK.COM>
In-Reply-To: <329705CBE49F16B7218F4E32@PST.JCK.COM>
X-Enigmail-Version: 0.95.7
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Authenticated-Sender: paul
X-Server: VPOP3 Enterprise V2.6.0e - Registered
X-Organisation: Paul Smith Computer Services
X-Authenticated-Sender: Postmaster
Sender: owner-ietf-smtp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smtp/mail-archive/>
List-ID: <ietf-smtp.imc.org>
List-Unsubscribe: <mailto:ietf-smtp-request@imc.org?body=unsubscribe>
John C Klensin wrote: > The following are all > perfectly valid decisions under 5321 as written: > > * Rejecting the EHLO command and message because the > argument does not follow the syntax rules. > Yes > * Rejecting the EHLO command and message because the > apparent FQDN in the argument does not resolve at all in > the public DNS. > Not sure about this one. The wording says: However, if the verification fails, the server MUST NOT refuse to accept a message on that basis. It doesn't say 'if the domain argument resolves to a different IP address than that of the client it MUST NOT refuse to accept the message on that basis'. It says 'if the verification fails', that could potentially be 'host not found' as well as different IP address or whatever. The 'verifying the argument corresponds to the IP address' is also a bit vague. One person could say that this means that the A record for the argument should match the IP address, but what about CNAMEs, or, could the argument be a name which has an MX record which has an A record matching the IP address. In a sense, that still means the argument corresponds to the IP address (especially since we're talking about mail here). Given that you shouldn't refuse the message on that basis, it doesn't matter what you mean by 'corresponds', but if people are starting to refuse the message (or even 'redirect' it), it might need clarification. This could affect your point above, where 'domain.com' doesn't have an A record (so "doesn't resolve in the public DNS") but does have an MX record referring to the host. > * Noticing that the EHLO argument does not resolve to > the address obtained from the connection, writing a > private-use header into the message that records that > fact, and then forwarding/delivering the message anyway. > > * Noticing that the EHLO argument does not resolve to > the address obtained from the connection, delivering the > message anyway, but delivering it to a folder different > from the one that would normally be used for incoming > messages associated with the RCPT command address. > Yes. There's also the 'not bothering to check the EHLO argument at all', which is valid under 5321 AFAICS. Also AFAICS, it could also use the failure of the EHLO argument as a 'hint' for further spam filtering. Eg, if the EHLO argument didn't resolve to the IP address, it could treat it as 'more suspicious', so do more rigorous spam checking, as long as it doesn't refuse to accept the message solely on the basis of a failed IP address verification. -- Paul Smith VPOP3 - POP3/SMTP/IMAP4/Webmail Email server for Windows
- Re: RFC 5321bis / 2821ter Alessandro Vesely
- Re: RFC 5321bis / 2821ter John C Klensin
- Re: RFC 5321bis / 2821ter Alessandro Vesely
- Re: RFC 5321bis / 2821ter John C Klensin
- Re: RFC 5321bis / 2821ter David MacQuigg
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: RFC 5321bis / 2821ter John C Klensin
- Re: RFC 5321bis / 2821ter Alessandro Vesely
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: RFC 5321bis / 2821ter Hector Santos
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: RFC 5321bis / 2821ter Alessandro Vesely
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: RFC 5321bis / 2821ter Hector Santos
- Re: RFC 5321bis / 2821ter Alessandro Vesely
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: RFC 5321bis / 2821ter Alessandro Vesely
- Re: RFC 5321bis / 2821ter Hector Santos
- Re: RFC 5321bis / 2821ter Mark Andrews
- Re: RFC 5321bis / 2821ter SM
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: RFC 5321bis / 2821ter John C Klensin
- Re: Submission identifiers John Leslie
- Re: RFC 5321bis / 2821ter Hector Santos
- Re: RFC 5321bis / 2821ter Alex van den Bogaerdt
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: RFC 5321bis / 2821ter Tony Finch
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: RFC 5321bis / 2821ter Tony Finch
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: RFC 5321bis / 2821ter Alessandro Vesely
- Re: Submission identifiers Paul Smith
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: Submission identifiers John C Klensin
- Re: Submission identifiers Steve Atkins
- Re: Submission identifiers David MacQuigg
- Re: RFC 5321bis / 2821ter Tony Finch
- Re: RFC 5321bis / 2821ter Jeff Macdonald
- Re: RFC 5321bis / 2821ter Jeff Macdonald
- Re: RFC 5321bis / 2821ter SM
- Re: Submission identifiers Alessandro Vesely
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: Submission identifiers John Leslie
- Re: RFC 5321bis / 2821ter Steve Atkins
- Re: RFC 5321bis / 2821ter David MacQuigg
- Re: Submission identifiers John C Klensin
- Re: Submission identifiers Alessandro Vesely
- Re: Submission identifiers Arnt Gulbrandsen
- Re: Submission identifiers SM
- Re: Submission identifiers David MacQuigg
- Re: Submission identifiers John C Klensin
- Re: RFC 5321bis / 2821ter John C Klensin
- Re: Submission identifiers Alessandro Vesely
- Re: RFC 5321bis / 2821ter Alex van den Bogaerdt
- Re: RFC 5321bis / 2821ter David MacQuigg
- Re: RFC 5321bis / 2821ter John C Klensin
- Submission identifiers (was: Re: RFC 5321bis / 28… John C Klensin
- Re: RFC 5321bis / 2821ter David MacQuigg
- Re: RFC 5321bis / 2821ter Alessandro Vesely
- Re: RFC 5321bis / 2821ter John C Klensin
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: RFC 5321bis / 2821ter John C Klensin
- Re: RFC 5321bis / 2821ter SM
- Re: RFC 5321bis / 2821ter Arnt Gulbrandsen
- Re: RFC 5321bis / 2821ter Matti Aarnio
- Re: RFC 5321bis / 2821ter Arnt Gulbrandsen
- Re: RFC 5321bis / 2821ter Matti Aarnio
- Re: RFC 5321bis / 2821ter Alessandro Vesely
- Re: RFC 5321bis / 2821ter Paul Smith
- Re: RFC 5321bis / 2821ter Arnt Gulbrandsen
- Re: RFC 5321bis / 2821ter Arnt Gulbrandsen
- Re: RFC 5321bis / 2821ter Willie Gillespie
- RFC 5321bis / 2821ter John C Klensin