Tony Finch wrote:
On Tue, 27 Jan 2009, Paul Smith wrote:
So, how would YOU set it up, given the (common) situation I described
(SBS Exchange connecting through a NAT router on a dynamic IP address)?
Sorry, I missed the dynamic part. They'll probably be blacklisted for
reasons entirely unrelated to their EHLO domain.
Only on a relative few recipient domains (surprisingly). For all the
rest, you have to get by with using what would be an incorrect EHLO
parameter.
Anyway, if that is the 'answer', shouldn't SMTP be defined like that? If
you are saying 'you need a static IP address to send mail without going
through a submission server', shouldn't that be in the SMTP standard?
Currently SMTP doesn't require that (some recipients do, but that's
their policy decision), so you can't change other parts of SMTP to get
that requirement in by the back door.
One explicit reason for the 'address literal' option for EHLO is to
allow for dynamic IP addresses (see RFC5321 4.1.1.1), but its
information is useless with a NAT setup, which most people will have.
Note that RFC 5321 does not mention NAT.
If you want to enforce strict EHLO parameter checking in the standard,
that is a big change, which would break a large number of existing mail
setups, (and may have big consequences on the availability of IPv4
addresses...). If RFC5321 was strictly applied at the moment, a large
number of EHLO statements would have to be 'EHLO [192.168.x.y]', and
good luck with using that for any checking... I would argue that 'EHLO
mailserver.domain.com' is more useful than 'EHLO [192.168.1.1]' even
though the former is incorrect, and the latter correct (according to RFC
5321) with dynamic IP/NAT.
--
Paul Smith
VPOP3 - POP3/SMTP/IMAP4/Webmail Email server for Windows