From: "Claus Assmann" <ietf-smtp(_at_)esmtp(_dot_)org>
[Please do NOT Cc' me.]
You got it!
How do you know it's not a domain? Do you
perform a DNS lookup?
No. Not for this specific test.
Hmm, why again are you complaining about my software?
I am not. Just pointing out the inconsistencies. You are enforcing one
item but not the other.
And this just my personal opinion, this level of MAIL FROM:sp syntax check
that has absolute no SMTP level correlation to a malicious sender, yet also
inconsistent with the majority of operations on the internet.
I ask this question: Is there a correlation of bad MAIL FROM:sp syntax with
malicous senders? Or you just hate windows users? :-)
220-winserver.com Wildcat! ESMTP Server v6.1.451.5 ready
ehlo 1.2.3.4
250-winserver.com, Pleased to meet you.
Touche! :-)
However, per RFC 2821 recommendation in section 3.3, we moved all extended
SMTP level checks until the RCPT forward path is known.
This is done to reduce all overhead to absolute minimum and need to do any
extended SMTP level checking.
A good bit of the transactions are bad RCPT addresses. So there is no need
to do anything unless an Anonymous Final Destination (AFD) transaction is
determined.
For my personal setup, I believe I relaxed the bracket test, but not the IP
spoof test.
If you want to see the local domain spoof trap, go further to RCPT state.
You can also try it from: http://www.winserver.com/testwcsap.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com