On 15 Dec 2019 17:29:27 -0500, "John Levine" said: > In article <8EE11B75E1F8A7E7105A1573@PSB> you write: > >It has recently come to the attention of several of us, via an > >extended discussion on the SMTP list, that the IETF email > >servers are rejecting all SMTP connections whose EHLO commands > >contain IP address literals. ... > > $ telnet -4 mail.ietf.org 25 > Trying 4.31.198.44... > Connected to mail.ietf.org. > Escape character is '^]'. > 220 ietfa.amsl.com ESMTP > quit > 221 2.0.0 Bye > Connection closed by foreign host. It throws the error later in the transaction: (slice-n-mice from the original report, which had the IP obfuscated) 220 ietfa.amsl.com ESMTP EHLO [A.B.C.D] 250-ietfa.amsl.com 250-PIPELINING 250-SIZE 67108864 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250 8BITMIME MAIL FROM:<> 250 2.1.0 Ok RCPT TO:<ietf-bounces@xxxxxxxx> 550 5.7.1 <[A.B.C.D]>: Helo command rejected: RFC2821 violation Personally, my opinion is that if there's indication that a lot of spam or other malicious mail is arriving from "address literal EHLO" sources, it's appropriate to respond with a "550 5.7.1 Rejected due to policy reasons", preferably in response to the EHLO, but at RCPT TO is at least acceptable if that's where the MTA code says to do it. I've run mail servers that I set to throw "550 rejected due to local policy" for *lots* less significant reasons, and if the Secretariat has been told to reject such mail, "550 5.7.1 due to local policy" is the *exact* way to implement it. But claiming it's an RFC2821 violation isn't acceptable.
Attachment:
pgpEvB5EHJu3O.pgp
Description: PGP signature
