[Top] [All Lists]

Re: STARTTLS & EHLO: Errata text?

2009-02-01 15:25:00

John C Klensin wrote:

--On Sunday, February 01, 2009 17:14 +0000 Tony Finch
<dot(_at_)dotat(_dot_)at> wrote:

On Sat, 31 Jan 2009, Hector Santos wrote:
So the one question I did have was the response code from the
server.  As shown, the server issued 550. It was something:

   [TLS established]
   C: MAIL FROM <xxxx>
   S: 550 EHLO/HELO required.

Shouldn't the server response be 503 (Bad Sequence of
If so, should this be stated in the revised text?
Not in 3207 - this requirement is inherited from 5321.

IMO, that requirement, and the use of the codes, is perfectly
clear in 5321 (at least to anyone who bothers to read it).  If
someone disagrees, please send text.

Tony, SM, John,

Ok, let me try it this way:

I was thinking of 3207 with text similar to:

    The secured SMTP client MUST resend the EHLO command and the
    secured SMTP server MUST be prepared to issue an 503
    for any out of sequence commands by legacy 3207 clients.


Our server, and probably others, based on the original relaxed semantics "Client SHOULD resent EHLO/HELO" guideline, does not enforce it simply because it didn't say MUST.

In other words, the secured client can continue with a MAIL FROM and the normal reply codes associates with it apply, but not 503 because it wasn't deem necessary at this stage.

On the other hand, if 3207 is altered to enforce a MUST, then we need to change our server and in that vain, I reject this 3207 change to a MUST. However, since most secured clients do resend EHLO, I don't see that as having an impact on existing installations. Our secured server is not going to fail the secured session if the secured client does not resent EHLO.

So at the very least, if 3207 text is changed to MUST, it should include some additional text, call it a "reminder" text if you wish to the above text. Who knows, if the server in the example did issue the 503, then maybe the OP's client designer might have seen the necessity to add logic to restart with EHLO, and thus, no discussion would be necessary.


Hector Santos, CTO