Prev: address rewriting for remote clients
Next: Rejecting invalid email addresses with SMTP relay/forward
From: Philippe Cerfon on 27 Dec 2009 12:10
On Sun, Dec 27, 2009 at 2:11 AM, Wietse Venema <wietse(a)porcupine.org> wrote:
> With "smtpd_helo_required = yes", the Postfix SMTP server requires
> HELO (or EHLO) before the MAIL, ETRN and AUTH commands (*).
I've just tried it vor ETRN, and as far as I understand the RFC it
should not be necessary for ETRN (as well as AUTH and STARTTLS which
you named) to require HELO/EHLO.


> If you disagree, then you MUST show the evidence that Postfix
> behaves otherwise.
Well,.. I do not claim that the RFC is superior in all points. I've
just read that HELO/EHLO should be only necessary for mail
transactions (=> MAIL)... q.e.d. ;-)


I don't wanna be nit-picking,.. but as I read through rfc 5321 right
now, I found some other places where postfix might be not stricly
speaking compliant... or where the check/restriction keywords forbid
more that the rfc forbids.
Should this brought to the attention of the developers? (-devel list or so?)

Regards,
Philippe.

From: John Peach on 27 Dec 2009 12:19
On Sun, 27 Dec 2009 18:10:53 +0100
Philippe Cerfon <philcerf(a)googlemail.com> wrote:

> On Sun, Dec 27, 2009 at 2:11 AM, Wietse Venema <wietse(a)porcupine.org> wrote:
> > With "smtpd_helo_required = yes", the Postfix SMTP server requires
> > HELO (or EHLO) before the MAIL, ETRN and AUTH commands (*).
> I've just tried it vor ETRN, and as far as I understand the RFC it
> should not be necessary for ETRN (as well as AUTH and STARTTLS which
> you named) to require HELO/EHLO.
>
>
> > If you disagree, then you MUST show the evidence that Postfix
> > behaves otherwise.
> Well,.. I do not claim that the RFC is superior in all points. I've
> just read that HELO/EHLO should be only necessary for mail
> transactions (=> MAIL)... q.e.d. ;-)
>
>
> I don't wanna be nit-picking,.. but as I read through rfc 5321 right
> now, I found some other places where postfix might be not stricly
> speaking compliant... or where the check/restriction keywords forbid
> more that the rfc forbids.
> Should this brought to the attention of the developers? (-devel list or so?)
No it should not - they know. The RFCs were written way before the
problems we have now. Feel free to update the RFCs if you so wish.

--
John

From: Wietse Venema on 27 Dec 2009 12:25
Philippe Cerfon:
> On Sun, Dec 27, 2009 at 2:11 AM, Wietse Venema <wietse(a)porcupine.org> wrote:
> > With "smtpd_helo_required = yes", the Postfix SMTP server requires
> > HELO (or EHLO) before the MAIL, ETRN and AUTH commands (*).

> I've just tried it vor ETRN, and as far as I understand the RFC it
> should not be necessary for ETRN (as well as AUTH and STARTTLS which
> you named) to require HELO/EHLO.

Without sending EHLO the client cannot know that the server supports
ETRN, AUTH, etc., therefore such clients are not compliant. Perhaps
some study of RFC 1869 is in order.

> > If you disagree, then you MUST show the evidence that Postfix
> > behaves otherwise.

> Well,.. I do not claim that the RFC is superior in all points. I've
> just read that HELO/EHLO should be only necessary for mail
> transactions (=> MAIL)... q.e.d. ;-)

You claimed that "smtpd_helo_required = yes" ALWAYS requires
HELO/EHLO. That claim is incorrect.

Wietse

From: /dev/rob0 on 27 Dec 2009 12:26
On Sun, Dec 27, 2009 at 06:10:53PM +0100, Philippe Cerfon wrote:
> On Sun, Dec 27, 2009 at 2:11 AM, Wietse Venema
> <wietse(a)porcupine.org> wrote:
> I don't wanna be nit-picking,.. but as I read through rfc 5321 right
> now, I found some other places where postfix might be not stricly
> speaking compliant... or where the check/restriction keywords forbid
> more that the rfc forbids.

This is by design.

Local policy always takes precedence over Internet standards. While
this might be most common in SMTP (where most abuse takes place), it
is by no means limited to SMTP. The person who provided the hardware
and electricity and network connectivity has the absolute right to
say how it is to be used.

> Should this brought to the attention of the developers? (-devel
> list or so?)

You were replying to Wietse, so it's safe to assume you already had
his attention.
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header

From: Christoph Anton Mitterer on 27 Dec 2009 12:35
Quoting John Peach <postfix(a)johnpeach.com>:
> No it should not - they know. The RFCs were written way before the
> problems we have now. Feel free to update the RFCs if you so wish.
ok,... The problem is however, that it's quite difficult for "normal"
users to find restrictions which are more strict that the default but
still allow receiving mail from (at least currently) unusual
systems/addresses.

e.g. when disallowing non-fqdn sender/recipient addresses postfix
seems also to disallow mail(a)tld (which might soon become possible with
the "new" tlds)
or some of the restrictions look up A records but the docs don't tell
whether AAAA is also looked up as an alternative (this may become soon
common, too).


Regards,
Philippe

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4 5
Prev: address rewriting for remote clients
Next: Rejecting invalid email addresses with SMTP relay/forward