Re: [ietf-smtp] SMTP server "RFC2821 Violation" for EHLO ip-literal.

2019-12-16 16:42:01
On 2019-12-16 1:49 p.m., Ned Freed wrote:
On Sun, 15 Dec 2019 18:14:30 +0100, Alessandro Vesely said:
On Sun 15/Dec/2019 17:13:38 +0100 Keith Moore wrote:

There are very many IP networks that do not use DNS but which still
use SMTP to send mail, even if only to a forwarder. Before web
browsers were commonplace, many networks did not use DNS except to
forward email to the Internet. The popularity of web browsers has
resulted in much wider support for DNS, but there are still many
networks that aren't intended to support humans using web browsers.
For some of those networks, DNS is not a feature, it is a liability -
it adds nothing of value for them and is something that can break and
cause (say) assembly lines to fail.

In a walled garden it makes sense to accept mail from anyone who is
able to connect.  To do so globally has proven to be unaffordable.
Anti-spam techniques vary from dropping messages at random to
assessing senders' reputation; each has its FPs.

However, consider this:

If we write a standard that says address literals aren't permitted, then the
writers of MTAs will be totally in their rights to refuse to accept mail with
an address literal.

The reason we didn't drop address literal support sooner is that there are lots
of low end clients which for various reasons don't have a name they can use.
They also typically don't have support for SSL/TLS or SASL.

Now, an argument can be made that these are submission clients, and that
any relay client should be configured with and use a name. But if we
push these limited clients into the submission space, we'd need to loosen
the crypto requirements there. Does anyone really want to go there?

At which point it doesn't matter if it makes sense in a walled garden, because
a device in the garden won't find anybody to talk to.

FWIW, I checked my home logs for the past year, and not only do I see a number
of IP literals, they are without exception associated with legitimate mail.

Mileage varies.

Interesting, especially given the large 'botnet' contingent that still uses IP address literals, e.g. the one currently going around (13k+ IP(s) reported overnight) that sends using [] in the EHLO, typically used during dictionary/weak pass discovery.

Or the other couple of bots that use randomly generated dotted quads in the reserved IP space.

Or the many IoT bots that if they can't figure out what the external PTR record is for the device, will default to the IP Address of the external interface.

While almost every MTA can handle IP literals, I am sure that MOST tend to look unfavorably when doing spam filtering for instance, but of course there are many 'a.b.c.d' address formats that will have the same problem, e.g. 'localhost.localdomain', or the infamous naming convention.. *ahem*  x4  x4

Well, tongue in cheek, but you get the point. Nothing wrong with IP literals, but you can expect to have a more 'challenging' time getting email accepted from many email operators around the world.

"Catch the Magic of Linux..."
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at @linuxmagic
A Wizard IT Company - For More Info
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
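
The EHLO argument forms mentioned in this message (bracketed address literals, literals in reserved space, bare dotted quads, 'localhost.localdomain') can be told apart with a small classifier, shown here as an added example that is not code from the poster or from any MTA. The label names, `classify_ehlo`, `tally` and the sample pairs are assumptions constructed for illustration; the labels are inputs to scoring, not accept/reject verdicts.

```python
import ipaddress
import re
from collections import Counter

# RFC 5321 address-literal: "[" IPv4 "]" or "[IPv6:" IPv6 "]"
LITERAL = re.compile(r"^\[(?:IPv6:)?([^\[\]]*)\]$", re.IGNORECASE)
# Names that identify no particular host (the second is quoted in the post).
GENERIC = {"localhost", "localhost.localdomain"}

def classify_ehlo(arg, peer_ip):
    """Label an EHLO argument; peer_ip is the connecting address."""
    m = LITERAL.match(arg)
    if m:
        try:
            addr = ipaddress.ip_address(m.group(1))
        except ValueError:
            return "malformed-literal"   # empty or unparsable brackets
        if addr.is_multicast or not addr.is_global:
            return "literal-reserved"    # private, loopback, reserved, ...
        if addr != ipaddress.ip_address(peer_ip):
            return "literal-mismatch"    # claims an address it is not using
        return "literal-ok"              # valid syntax and matches the peer
    try:
        ipaddress.ip_address(arg)
        return "bare-ip"                 # dotted quad without brackets
    except ValueError:
        pass
    name = arg.lower().rstrip(".")
    if name in GENERIC or "." not in name:
        return "generic-name"
    return "hostname"

# Constructed sample of (peer address, EHLO argument) pairs, not real log
# data; the addresses were picked only because they parse as global.
SAMPLE = [
    ("8.8.8.8", "[8.8.8.8]"),
    ("8.8.8.8", "[8.8.4.4]"),
    ("8.8.8.8", "[10.1.2.3]"),
    ("8.8.8.8", "[240.0.0.1]"),
    ("8.8.8.8", "[]"),
    ("8.8.8.8", "8.8.8.8"),
    ("8.8.8.8", "localhost.localdomain"),
    ("8.8.8.8", "mail.example.org"),
]

def tally(pairs):
    """Count labels over (peer_ip, ehlo_arg) pairs."""
    return Counter(classify_ehlo(arg, peer) for peer, arg in pairs)
```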
