[Top] [All Lists]

RE: RSET command - possible security loophole

2011-05-30 17:44:56

-----Original Message-----
From: owner-ietf-smtp(_at_)mail(_dot_)imc(_dot_)org 
[mailto:owner-ietf-smtp(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of John C 
Sent: Monday, May 30, 2011 3:03 PM
To: Hector Santos; ietf-smtp(_at_)imc(_dot_)org
Subject: Re: RSET command - possible security loophole

To say that even more bluntly, I don't think 5321 needs to
provide "additional process insight".  No additional words in
5321 will prevent implementers who don't feel a need to think
from their own carelessness and/or stupidity.

If you think that needs to be more clear in the relevant
extension documents, I recommend that you start generating

It doesn't appear I was privy to the original message, but given the part of it 
that was quoted, +1 to John's reply.