Re: IETF Policy on dogfood consumption or avoidance - SMTP version

"Valdis Klētnieks" <valdis.kletnieks@vt.edu> Sun, 15 December 2019 22:58 UTC

Sender: Valdis Kletnieks <valdis@vt.edu>
From: Valdis Klētnieks <valdis.kletnieks@vt.edu>
X-Google-Original-From: "Valdis Klētnieks" <Valdis.Kletnieks@vt.edu>
X-Mailer: exmh version 2.9.0 11/07/2018 with nmh-1.7+dev
To: John Levine <johnl@taugh.com>
Cc: ietf@ietf.org, john-ietf@jck.com
Subject: Re: IETF Policy on dogfood consumption or avoidance - SMTP version
In-Reply-To: <20191215222928.9DE5A1164C5A@ary.qy>
References: <20191215222928.9DE5A1164C5A@ary.qy>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==_Exmh_1576450681_8204P"; micalg="pgp-sha1"; protocol="application/pgp-signature"
Content-Transfer-Encoding: 7bit
Date: Sun, 15 Dec 2019 17:58:01 -0500
Message-ID: <754203.1576450681@turing-police>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/8kioY58Uy2ZSH6uAWKiyqxcfKDQ>

On 15 Dec 2019 17:29:27 -0500, "John Levine" said:
> In article <8EE11B75E1F8A7E7105A1573@PSB> you write:
> >It has recently come to the attention of several of us, via an
> >extended discussion on the SMTP list, that the IETF email
> >servers are rejecting all SMTP connections whose EHLO commands
> >contain IP address literals. ...
>
> $ telnet -4 mail.ietf.org 25
> Trying 4.31.198.44...
> Connected to mail.ietf.org.
> Escape character is '^]'.
> 220 ietfa.amsl.com ESMTP
>
> quit
> 221 2.0.0 Bye
> Connection closed by foreign host.

It throws the error later in the transaction:

(slice-n-mice from the original report, which had the IP obfuscated)

220 ietfa.amsl.com ESMTP
EHLO [A.B.C.D]
250-ietfa.amsl.com
250-PIPELINING
250-SIZE 67108864
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250 8BITMIME
MAIL FROM:<>
250 2.1.0 Ok
RCPT TO:<ietf-bounces@ietf.org>
550 5.7.1 <[A.B.C.D]>: Helo command rejected: RFC2821 violation

Personally,  my opinion is that if there's indication that a lot of spam or
other malicious mail is arriving from "address literal EHLO" sources, it's
appropriate to respond with a "550 5.7.1 Rejected due to policy reasons",
preferably in response to the EHLO, but at RCPT TO is at least acceptable if
that's where the MTA code says to do it.  I've run mail servers that I set to
throw "550 rejected due to local policy" for *lots* less significant reasons,
and if the Secretariat has been told to reject such mail, "550 5.7.1 due to
local policy" is the *exact* way to implement it.

But claiming it's an RFC2821 violation isn't acceptable.
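
Added example, not part of the original message or of any MTA's code: a Python sketch that separates the syntax question from the policy question for an EHLO argument. RFC 5321 section 4.1.1.1 defines the argument as a Domain or an address-literal, so a well-formed literal gets the policy reply quoted above rather than a syntax or RFC-violation error. The function names, the `reject_literals` switch, the 501 and 250 reply texts and the sample addresses are assumptions made for illustration.

```python
import ipaddress
import re

# RFC 5321 section 4.1.2: Domain = sub-domain *("." sub-domain),
# where each sub-domain starts and ends with a letter or digit.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?"
_DOMAIN = re.compile(rf"{_LABEL}(?:\.{_LABEL})*")


def classify_ehlo_arg(arg):
    """Return 'domain', 'ipv4-literal', 'ipv6-literal' or 'invalid'.

    The rarely used General-address-literal form is not parsed here
    and is reported as 'invalid'.
    """
    if arg.startswith("[") and arg.endswith("]"):
        inner = arg[1:-1]
        try:
            if inner[:5].upper() == "IPV6:":
                addr = inner[5:]
                if "%" in addr:  # zone IDs are not part of the SMTP grammar
                    return "invalid"
                ipaddress.IPv6Address(addr)
                return "ipv6-literal"
            ipaddress.IPv4Address(inner)
            return "ipv4-literal"
        except ValueError:
            return "invalid"
    if len(arg) <= 255 and _DOMAIN.fullmatch(arg):
        return "domain"
    return "invalid"


def helo_reply(arg, reject_literals=True):
    """Pick the reply line; reject_literals models a local policy choice."""
    kind = classify_ehlo_arg(arg)
    if kind == "invalid":
        # Genuine syntax problem: the argument matches neither form.
        return "501 5.5.4 Invalid EHLO argument"
    if kind != "domain" and reject_literals:
        # Well-formed literal refused by choice, so say it is policy.
        return "550 5.7.1 Rejected due to policy reasons"
    return "250 OK"


if __name__ == "__main__":
    # Constructed sample arguments (documentation address ranges).
    for sample in ["mail.example.org", "[192.0.2.10]",
                   "[IPv6:2001:db8::1]", "[2001:db8::1]", "bad_host!"]:
        print(f"{sample:22} {classify_ehlo_arg(sample):13} {helo_reply(sample)}")
```
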