ietf-smtp

Re: STARTTLS & EHLO: Errata text?

2009-02-01 15:50:42

On Sun, 1 Feb 2009, Hector Santos wrote:

> I was thinking of 3207 with text similar to:
>
>     The secured SMTP client MUST resend the EHLO command and the
>     secured SMTP server MUST be prepared to issue a 503
>     for any out of sequence commands by legacy 3207 clients.

What's wrong with the text I suggested?

   Upon completion of the TLS handshake, the SMTP protocol is reset to
   the initial state (the state in SMTP after a server issues a 220
   service ready greeting).  The requirement in [RFC5321] that "a client
   MUST issue HELO or EHLO before starting a mail transaction" also
   applies to this fresh state.

> On the other hand, if 3207 is altered to enforce a MUST, then we need to
> change our server and in that vein, I reject this 3207 change to a MUST.

This isn't a change to 3207, it's a clarification. This is a requirement
on the client so it isn't strictly necessary for servers to enforce it
(robustness principle and all that). Does your server enforce the
requirement for plaintext connections?

Tony.
-- 
f.anthony.n.finch  <dot(_at_)dotat(_dot_)at>  http://dotat.at/
GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS.
MODERATE OR GOOD.
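
Added example, not part of the original message or of any RFC text: a simplified model of the session state discussed above, showing the reset to the post-220 state after STARTTLS and one HELO/EHLO-before-MAIL check applied identically to plaintext and TLS sessions. The class, the `enforce_helo` switch and the reply wording are assumptions made for illustration.

```python
# Added illustration: simplified model of SMTP session state around STARTTLS.
# No networking or real TLS; class, parameter and function names are hypothetical.

class SmtpSession:
    def __init__(self, enforce_helo=True):
        self.enforce_helo = enforce_helo  # policy: reject MAIL sent before HELO/EHLO
        self.tls = False
        self._reset()

    def _reset(self):
        # State right after the 220 service ready greeting.
        self.greeted = False
        self.mail_from = None

    def command(self, line):
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb in ("EHLO", "HELO"):
            self.greeted = True
            self.mail_from = None
            # Multi-line EHLO reply collapsed to one line; STARTTLS is
            # offered only while the session is still plaintext.
            offer = verb == "EHLO" and not self.tls
            return "250 STARTTLS" if offer else "250 OK"
        if verb == "STARTTLS":
            if self.tls:
                return "503 Bad sequence of commands"  # this model's choice
            self.tls = True   # stands in for a completed TLS handshake
            self._reset()     # forget everything learned over plaintext
            return "220 Ready to start TLS"
        if verb == "MAIL":
            if self.enforce_helo and not self.greeted:
                return "503 Bad sequence of commands"
            self.mail_from = arg
            return "250 OK"
        return "500 Command not recognized"


def run(session, lines):
    """Feed client lines to the session and collect the replies."""
    return [session.command(line) for line in lines]


if __name__ == "__main__":
    mail = "MAIL FROM:<sender@example.org>"  # constructed sample input
    print(run(SmtpSession(), ["EHLO c.example", "STARTTLS", mail]))
    print(run(SmtpSession(), ["EHLO c.example", "STARTTLS", "EHLO c.example", mail]))
    print(run(SmtpSession(enforce_helo=False), ["EHLO c.example", "STARTTLS", mail]))
```

The first run is the legacy client that skips the second EHLO and gets a 503 from an enforcing server; the third run is the same client against a server that does not enforce the requirement.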