Dave Crocker <dhc@xxxxxxxxxxxx> wrote: > On 4/20/2012 9:51 PM, John Levine wrote: > > > > The longer answer is that thirty years ago, in RFC 821 there was a > > TURN command which does what you suggest, switches the roles of the > > two ends of the SMTP session. But that turns out to be a giant > > security hole, since a bad guy A' could steal mail by connecting to B > > while pretending to be A, doing a TURN, and collecting mail intended > > for A. So SMTP servers don't do that any more. > > check out ETRN. > http://en.wikipedia.org/wiki/Extended_SMTP#ETRN ETRN effectively just triggers a queue run on the server (B) for messages destined for the client (A); the deliveries are done using new connections in the same way as if the queue run had been automatically triggered. There is also the ATRN (authenticated turn) command used by ODMR (on-demand mail relay, RFC 2645) which is an ESMTP variant run on a different port. The main difference between TURN and ATRN is that ATRN requires a preceding AUTH command which the server uses to determine which domains the client may request mail for. Unlike ETRN, ATRN uses the same connection in the reverse direction for mail delivery. Tony. -- f.anthony.n.finch <dot@xxxxxxxx> http://dotat.at/ Shannon: Northwesterly 5 or 6, backing southwesterly 4 or 5, backing easterly or northeasterly 5 to 7, occasionally gale 8 in south later. Rough or very rough, becoming moderate or rough. Rain or showers. Moderate or good.