[geeks] A puzzling mail error
Rich Kulawiec
rsk at gsp.org
Wed Jun 25 13:48:10 CDT 2008
On Tue, Jun 24, 2008 at 08:45:23PM -0400, der Mouse wrote:
> Well...I prefer to think of it as broken because no such domain exists
> in the DNS (.4 is not an existing TLD); syntactically, it's a perfectly
> good domainist HELO.
<chuckle> Well, I might give a pass to .42, but .4? I don't think so. ;-)
> > "HELO mail" is broken: not a FQDN.
>
> Why not? It's nonexistent, because no TLD "mail" exists, but that
> doesn't make it any less a FQDN.
>
> However, it wouldn't be valid even if such a TLD did exist; despite the
> language in 2.3.5 that appears to permit one-label names, the syntax in
> 4.1.2 makes it clear that a "Domain" (such as appears in a domain-style
> HELO argument) must include at least one dot. (Section references are
> to RFC2821.)
I should have remembered that you're on this list and checked 2821 before
posting. ;-) But yeah, I'm pretty sure that the intent of 4.1.2 and
the requirement in general is that at least one dot has to be present,
so "HELO com" doesn't work. I'm guessing -- perhaps incorrectly -- that
this may be in part to disambiguate "com" the host from "com" the TLD,
or perhaps "com" my host from "com" your host. I'll now pause to reflect
on the implications of host com in subdomain com in TLD com, thus com.com.com,
and how very badly that would make my head hurt if I had to debug the
DNS setup for it.
> > "HELO fubar.example.com" is broken if fubar.example.com does not
> > exist in DNS.
>
> Yes.
>
> > "HELO [192.168.0.1]" is broken if received on an external interface
> > that shouldn't be talking to anything in RFC 1918 space.
>
> Is it? I can't find anything that says the address embedded in an
> address literal has to bear any particular relationship to the address
> of any machine anywhere, much less either of the machines participating
> in the SMTP conversation. Did I miss something?
Hmmm, lemme go fish. Here's what I think I know: if a host HELOs with
the address literal, it should be the address of the interface from
which the connection's been intiated. So a multi-homed host at 1.2.3.4
and 5.6.7.8 should HELO as [1.2.3.4] on the former and [5.6.7.8] on the
latter. Of course, now I need to go find chapter-and-verse that says
that, if such exists. ;-) Anyway, if I'm right about that and not just
suffering the after-effects of prolonged exposure to dry erase marker
fumes, then an Internet-connected host shouldn't see an incoming HELO
from [192.168.0.1] because either (a) nobody should be using that on
an external interface (b) the remote side's egress router config should
trap it or (c) the local side's ingress router config should trap it.
I think. ;-)
---Rsk
More information about the geeks
mailing list