Re: [EXIM] bug in exim when talking to non-ESMTP host?

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Greg A. Woods
Dátum:  
Címzett: Exim users mailing list
Tárgy: Re: [EXIM] bug in exim when talking to non-ESMTP host?
[ On Thu, November 5, 1998 at 10:59:34 (+0000), Philip Hazel wrote: ]
> Subject: Re: [EXIM] bug in exim when talking to non-ESMTP host?
>
> ... terminated with <CRLF>.<CRLF> after which the server should be ready
> to accept a new "transaction", that is, a new MAIL FROM. *If* they then
> give 5xx to the MAIL FROM, the sending Exim will take this as a hard
> error, and bounce the message.
>
> However, you said that they got one gigantic message with everything
> concatenated. That looks to me as if they are not recognizing
> <CRLF>.<CRLF> correctly. Can you tell me their domain? I can then do
> some tests by hand to see what happens. Alternatively, what you can do
> is queue up a message form them with


Note that "David PostMan" is seems to be wide open to theft of service
attacks, and mail.tobit.com has been listed in ORBS since Oct. 14.

A manual test of two messages in one connection "worked" (smail won't
deliver multiple separate messages in one connection) [but see below]:

| 10:30 [2161] # telnet mail.tobit.com 25
| Trying 62.52.80.126...
| Connected to mail.tobit.com.
| Escape character is '^]'.
| 220 mail.tobit.com Service ready by David PostMan (Tobit Software, Germany)
| HELO mail.weird.com
| 250 mail.tobit.com Hello mail.weird.com, pleased to meet you
| MAIL FROM:<woods-reply1@???>
| 250 <woods-reply1@???>... Sender ok
| RCPT TO:<woods-relay1@???>
| 250 <woods-relay1@???>... Recipient ok
| DATA
| 354 Start mail input, end with <CRLF>.<CRLF>
| Subject: relay1
|        
| alskdjf
| .
| 250 Message accepted for delivery
| MAIL FROM:<woods-reply2@???>
| 250 <woods-reply2@???>... Sender ok
| RCPT TO:<woods-relay2@???>
| 250 <woods-relay2@???>... Recipient ok
| DATA
| 354 Start mail input, end with <CRLF>.<CRLF>
| Subject: relay2
| 
| asldkfj 2
| .
| 250 Message accepted for delivery
| quit
| 221 mail.tobit.com Service closing transmission channel
| Connection closed by foreign host.


Unfortunately this caused them to deliver *two* copies of the *second*
message!

(Note that when I do SMTP tests with telent I only ever use the carraige
return key. I *think* telent will send CRLF across the wire in this
case, but I've never actually confirmed this for some unknown reason.)

All the messages I've relayed though them like this (even one at a time)
also have the sender set to "<>" despite the fact that I give a full,
correct, and explicit sender address in the "MAIL FROM:". I.e. they're
dropping my sender and replacing it with the error reply address, which
is strictly forbidden.

They seem happy with smail's chatter for multiple recipients at a given
domain:

| transport smtp: connect to host mail.tobit.com [62.52.80.126]/smtp...connected
| SMTP-reply: 220 mail.tobit.com Service ready by David PostMan (Tobit Software, Germany)
| SMTP-send: EHLO most.weird.com
| SMTP-reply: 502 Command not implemented
| SMTP-send: HELO most.weird.com
| SMTP-reply: 250 mail.tobit.com Hello most.weird.com, pleased to meet you
| SMTP-send: MAIL FROM:<woods-reply@???>
| SMTP-reply: 250 <woods-reply@???>... Sender ok
| SMTP-send: RCPT TO:<woods-relay%planix.com@???>
| SMTP-reply: 250 <woods-relay=planix.com@???>... Recipient ok
| SMTP-send: RCPT TO:<woods-relay2%planix.com@???>
| SMTP-reply: 250 <woods-relay2=planix.com@???>... Recipient ok
| SMTP-send: DATA
| SMTP-reply: 354 Start mail input, end with <CRLF>.<CRLF>
| [[.... blah, blah, blah ....]]
| SMTP-send: .
| SMTP-reply: 250 Message accepted for delivery
| SMTP-send: QUIT
| SMTP-reply: 221 mail.tobit.com Service closing transmission channel


However they don't understand '%' hack addressing, and I never received
the two messages I should have received from the above transactions.

-- 
                            Greg A. Woods


+1 416 218-0098      VE3TCP      <gwoods@???>      <robohack!woods>
Planix, Inc. <woods@???>; Secrets of the Weird <woods@???>


--
*** Exim information can be found at http://www.exim.org/ ***