On Aug 16, 2011, at 4:32 PM, Hector Santos wrote:
Randall Gellens wrote:
At 1:07 PM -0400 8/16/11, Hector Santos wrote:
I've been seeing (maybe because I'm looking) more transactions from one of
more particular senders that include a <CRLF>.<CRLF> end of data terminator
in the body but continue with additional text after the DATA has been
accepted.
Investigating it seems to be something we can't reliably address short of
looking ahead of the receiver buffers to nullify these invalid
<CRLF>.<CRLF>.
This is something that is so broken I think the best course is to reject it.
Hopefully the sender will notice and fix their bug.
Agree.
The problem is that a 250 was already issued once the <CRLF>.<CRLF> is
detected so the only current possible SMTP "allowed" action is to not deliver
(complete the transaction) due to a NO QUIT command cancellation which is
what happened in our server setup. I never saw these IETF messages.
no QUIT is a lousy reason to not deliver a message.
Keith