On Sun, 15 Dec 2019 23:00:16 +0000, Nick Hilliard said: > Currently it's expedient to drop domain literals in EHLO commands, but > this is a policy practice of the operators rather than an integral > function of the protocol itself. The point is that, given a syntactically correct and acceptable EHLO, there's a massive difference between: mail.ietf.org says "550 5.7.1 mail rejected due to EHLO violating local policy" mail.ietf.org says "550 5.7.1 mail rejected due to EHLO RFC2821 violation". If the Secretariat was told to reject such mail, the first is a totally correct way to do it, and the second isn't (if it *was* an RFC violation, a 500 or 501 should be returned rather than 550).. Whether a given site should block address literal EHLO's is a totally different question entirely - I've run mail servers where anything that EHLO'd with an address literal was almost guaranteed spam/malware, and I've run mail systems whose entire purpose in life was to accept and forward mail for appliances that could only EHLO with address literals. As a result, I'll have to defer to people who have actual stats for ietf.org mail for how much spam it blocks versus how much ham mail is rejected, and the level of tolerance for rejection of sketchy-looking but legitimate mail....
Attachment:
pgpOPaEQM13vt.pgp
Description: PGP signature
