From: "Alan DeKok" <aland(_at_)freeradius(_dot_)org>
Priority MTA Activities
-------- --------------
1 source IP filtering, accepting email only
from a set of whitelisted IP's.
2 what (1) does, plus ident/RMX
3 (2), plus spam filtering
. ... even more graduated filtering
The idea is that the other end *already* walks down the list of MX's
by priority, if there's a delivery error.
What standards compliant SMTP client does that?
Instead an SMTP client only walks down the list of MXs when the MXs
are completely silent to the TCP SYN to port 25 or respond with
an ICMP Unreachable.
Once a client gets a SYN-ACK, it is supposed to continue to the end
of the SMTP transaction and either forget the mail message entirely
if it gets a 2yz to the DATA command or 5yz response to any command,
or try again later starting with the lowest numbered MX server if it
gets a 4yz response to any command.
Section 3.9 of RFC 2821 says that other cases such as broken TCP
connections "SHOULD ... treat the mail transaction as if a 451 response
had been received."
We can abuse this behaviour
to allow the people we know (whitelisted) to connect with no cost.
...
Not unless they use broken MTAs.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg