--On Sunday, February 01, 2009 14:49 -0500 Hector Santos
Tony, SM, John,
Ok, let me try it this way:
I was thinking of 3207 with text similar to:
The secured SMTP client MUST resend the EHLO command and
secured SMTP server MUST be prepared to issue an 503
for any out of sequence commands by legacy 3207 clients.
In spite of the fact that the 503 code has been stable since 821
was published, I'd be a lot happier with the above if it said
"issue a 'command out of sequence' reply" or "issue a 'command
out of sequence' reply as specified for SMTP [RFC5321]" than
"issue a 503...". Just aesthetics about what is specified where.
I don't have enough in-depth familiarity with 3207 clients to
have a useful opinion about whether
(1) that text is needed or whether
(2) text that (i) recommended sending the second EHLO
and (ii) indicated that any client that does not send
the EHLO MUST be prepared for a "command out of
sequence" code and MUST then either issue the EHLO
forthwith or abandon the connection (following SMTP and
TLS rules for doing that)
Would be the more appropriate fix.