Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321

Keith Moore <> Sun, 27 September 2020 12:43 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 21A0D3A0ED2 for <>; Sun, 27 Sep 2020 05:43:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.809
X-Spam-Status: No, score=-2.809 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, NICE_REPLY_A=-0.213, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id dLIE7J40oPhx for <>; Sun, 27 Sep 2020 05:43:16 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5B01E3A0ED3 for <>; Sun, 27 Sep 2020 05:43:16 -0700 (PDT)
Received: from compute4.internal (compute4.nyi.internal []) by mailout.west.internal (Postfix) with ESMTP id 3D18A333; Sun, 27 Sep 2020 08:43:15 -0400 (EDT)
Received: from mailfrontend1 ([]) by compute4.internal (MEProxy); Sun, 27 Sep 2020 08:43:15 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; bh=x5UYxiQu+My0SBbHAhX4Z/JrSi9UxhhcfqTxzQQyn tQ=; b=lsN5VN0tpebPVd037LHy5l/+ivB0O6lPPTpLMqsL94tA586cLondxRLqI Wat18X2OyhlaGT8gNEQM9DTq+m+BZSBKVpIJOnNSycLF+eofWJoiRllAUwqS9Gpw oCB1OqjFTAHNcFTgeE+/IY5pCoJR0hr7Dpmncc63HuDhdjY6Zo8n4LdjzECujMtn iUoudbyvZW9Se7S0odgIhzXwWdendlkX/pWdBnNFh5l4EUIYok/BsM+vS2iohFE9 XHNNsWb78PtJxhJD8n1TE+DaymYdeJ3P8XxRmeK/85mNLqEmBTfnBAHtyX+bCdpk 0BSOPpbE7do14KtUiCRTYya6AmQGw==
X-ME-Sender: <xms:4YhwXxZ_NCSUGTJnNNlLwQeUpN7BUybHKnfYoNxNpeIClSdbUH92-Q> <xme:4YhwX4b8xRgD_EFNEnJtkPzAM5-XjiHsjIAZajf2VaDz7ORftgv9_jf-pzO1e2BcK z216ggUFtLuYg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrvdeggdehiecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefuvfhfhffkffgfgggjtgfgsehtkeertddtfeejnecuhfhrohhmpefmvghithhh ucfoohhorhgvuceomhhoohhrvgesnhgvthifohhrkhdqhhgvrhgvthhitghsrdgtohhmqe enucggtffrrghtthgvrhhnpeehhfeutdehfefgfefghfekhefguefgieduueegjeekfeel leeuieffteefueduueenucfkphepuddtkedrvddvuddrudektddrudehnecuvehluhhsth gvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepmhhoohhrvgesnhgvthif ohhrkhdqhhgvrhgvthhitghsrdgtohhm
X-ME-Proxy: <xmx:4YhwXz9BFWSPth8i5LjqV6ooUvP3XavbrSBLlZptf_o3MwHiZTe3hA> <xmx:4YhwX_rNosJLC5qAMA-NB-qE_j6S9819f-WFA9K2sJysglwLNwOxIw> <xmx:4YhwX8oTHA_zlOzRVTxjUvrpZS3SAUBjkxlS1ljbU5BTeC-3ddsHLw> <xmx:4ohwX512MdonuKAdsvOXhDp_CQVjk0P2l9RWiiulQmtI8dIAOe7LCA>
Received: from [] ( []) by (Postfix) with ESMTPA id 675AA3280060; Sun, 27 Sep 2020 08:43:13 -0400 (EDT)
To: John Levine <>,
References: <20200927052221.E0A1A21D3A2D@ary.qy>
From: Keith Moore <>
Message-ID: <>
Date: Sun, 27 Sep 2020 08:43:12 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <20200927052221.E0A1A21D3A2D@ary.qy>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <>
Subject: Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 27 Sep 2020 12:43:19 -0000

On 9/27/20 1:22 AM, John Levine wrote:

>> At some point in the past, this was _not_ a reliable spam filter. ...
> I think you may be conflating SMTP and submission. For submission,
> you're right, the EHLO argument is frequently some random name that a
> computer thinks it has behind a couple of layers of NAT.
Well, if memory serves, that language from the 5321 originally dates 
from the days when port 25 was routinely used for submission.   So 
that's a useful point.
> For SMTP,
> server to server, I agree with Sam that it is extremely rare for a
> legit message to come from a host that doesn't know its name.

Okay, but should the SMTP standard effectively require that a client 
SMTP know the server's idea of its source IP address?

For example, should the standard insist that client SMTPs have and use 
an outgoing IPv4-capable interface any time the server SMTP is reached 
(directly or indirectly) via IPv4?   Or should client SMTPs be forced to 
use IPv6-to-IPv4 SMTP relays rather than NAT64?    Should we have to 
keep maintaining a public IPv4 network indefinitely (or at least until 
IPv6 is globally ubiquitous)?

To me NAT64 seems like an essential tool for transitioning to IPv6 and 
one quite often chosen by carriers, and I don't see the benefit in 
adding complexity to the SMTP signal chain  (with the consequent 
degradation of reliability)  just to preserve this rule.