
Re: Using RSET with the EHLO/HELO fallback logic

2008-02-26 02:56:41

Frank Ellermann wrote:

> Anything that can go wrong will go wrong, but I have
> no example where not accepting EHLO is a good idea.

I agree, but just a few reasons off the top why it may persist:

- As part of an AVS system/proxy w/o MX low preference host?

  I may be wrong, but this appears to be the current reason
  I see it a lot.

- To help scale a large receiver system with less bandwidth (No
  extended EHLO responses are needed to complete a transaction)?

- It's not required for a majority of the public-only receiver
  systems. No incentive to adapt.

- TLS/AUTH is not supported but instead offers POP B4 SMTP or an
  IP "Allow Relay" concept. I think it is safe to say that many
  ISPs predominately support end-user or smart host IP
  client authentication to allow relay operations.

  From a support standpoint, this is the preferred, less costly
  method. No user instructions are required for using ESMTP AUTH.

  Note: As with long-time systems, we started as an 821 system and
  added EHLO when we added TLS/AUTH support.  So for other
  systems who felt it wasn't required, they might not have adapted.

- Finally, overall, simpler SMTP coding without EHLO support,
  especially on the client side.  You will find many simple
  "tools" and scripts that use HELO only.

On a personal basis (with my old account), I recall a few years back when we got an email notice indicating a 4-5 month warning and cut off date (i.e., end of JULY) where ALL users will be expected to begin using ESMTP AUTH. Their reasons?

    - Better security against spam,
    - Better Support for Roaming Users

No problem for me, but I remember sending a small note to their support saying "I hope you guys will be ready for the user support issues."

When July came around, I recall it was no more than 1-2 weeks where they sent out another email and dropped the ESMTP AUTH requirement for end users. I have to go back and double check, but I remember at first, they didn't support it and I was among those who requested it so I can roam around with my laptop at the office. When the 2nd drop notice came, I remember checking again and it was still offered but optional like most systems that offer ESMTP AUTH.

That's not to say they don't accept EHLO clients, but IMO, I think TLS/AUTH support is probably one of the main reasons why systems added EHLO support or turned it on. I'm guessing on that. I'm sure many systems have other EHLO reasons, but if anyone wanted to add TLS/AUTH support, then they need to first adapt to EHLO support. TLS/AUTH was the reason for us to add EHLO support.


Hector Santos, CTO
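
Added example, not part of the original message and not the poster's code: a client-side check of the dependency described in the last paragraph, where STARTTLS and AUTH are only known to the client if EHLO is accepted, so a HELO fallback means neither can be used. The sample replies, the host name and the `plan_session` policy helper are constructed for illustration.

```python
# Added illustration; the sample replies are constructed, not captured traffic.
EHLO_OK = ["250-mail.example.test Hello\r\n", "250-SIZE 10240000\r\n",
           "250-STARTTLS\r\n", "250 AUTH PLAIN LOGIN\r\n"]
EHLO_REFUSED = ["500 Command not recognized\r\n"]   # HELO-only receiver


def parse_reply(lines):
    """Parse one (possibly multi-line) SMTP reply into (code, [text, ...])."""
    code, texts = None, []
    for raw in lines:
        line = raw.rstrip("\r\n")
        if len(line) < 3 or not line[:3].isdigit() or line[3:4] not in ("", " ", "-"):
            raise ValueError(f"malformed reply line: {line!r}")
        if code is not None and int(line[:3]) != code:
            raise ValueError("reply code changed inside a multi-line reply")
        code = int(line[:3])
        texts.append(line[4:])
    if code is None:
        raise ValueError("empty reply")
    return code, texts


def extensions(ehlo_lines):
    """Return {KEYWORD: [params]} for an accepted EHLO, or None if refused."""
    code, texts = parse_reply(ehlo_lines)
    if code != 250:
        return None                      # caller has to fall back to HELO
    exts = {}
    for text in texts[1:]:               # first line is the greeting text
        if text.upper().startswith("AUTH="):
            text = "AUTH " + text[5:]    # legacy "AUTH=LOGIN" form
        parts = text.split()
        if parts:
            exts.setdefault(parts[0].upper(), []).extend(p.upper() for p in parts[1:])
    return exts


def plan_session(ehlo_lines, require_tls=False):
    """Decide greeting and usable security extensions (hypothetical policy helper)."""
    exts = extensions(ehlo_lines)
    if exts is None:                     # HELO fallback: nothing was advertised
        return {"greeting": "HELO", "starttls": False, "auth": [],
                "proceed": not require_tls}
    starttls = "STARTTLS" in exts
    return {"greeting": "EHLO", "starttls": starttls, "auth": exts.get("AUTH", []),
            "proceed": starttls or not require_tls}
```

A client that requires TLS should treat the HELO fallback as a failed policy check rather than continuing in cleartext, which is what `proceed` reports.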