[Top] [All Lists]

Re: Mail Data termination

2011-08-17 05:02:01

--On Tuesday, August 16, 2011 19:29 -0700 Randall Gellens
<randy(_at_)qualcomm(_dot_)com> wrote:

At 8:20 PM -0400 8/16/11, Hector Santos wrote:

 NO QUIT means a cancellation because otherwise the only
 other way  to end a SMTP session is for the client to close
the socket  connection.

To me, this sounds like a confusion between POP and SMTP.  In
POP, not sending a QUIT cancels any pending deletions.  In
SMTP, each MAIL transaction stands alone.

Interesting insight.  Yes.

 Sending a QUIT at
the very end is required, but failing to do so has no ill
effects (and there are a number of clients who don't bother).

Actually, there is a potentially bad effect, but it isn't on
mail transactions.    Depending on the quality of TCP/IP
implementation on the server and some other factors, a client
close may not be noticed for some time.  I.e., the client thinks
the connection had been closed, while the server is still
listening on it.  I'll leave a discussion of all of  the nasty
things that could be done by an attacker getting hold of a
connection in that state as an exercise, but that is at least
one of the reasons why the spec says "handshake then close"
rather than "just close".


<Prev in Thread] Current Thread [Next in Thread>