Re: [exim] Exim server behind NAT router (and HELO)

Top Page
Delete this message
Reply to this message
Author: Jakob Hirsch
Date:  
To: Exim User's Mailing List
Subject: Re: [exim] Exim server behind NAT router (and HELO)
Greg A. Woods wrote:

> You seem to suffer from more than one drastic misunderstanding of the
> intent and goals of Internet protocol specifications and guidelines.


<sigh>
Yeah, Greg, I already know that you are the internet guru and I am
clueless, you don't have to tell me again and again. It is boring,
presumptuous and wrong.


> The so-called "Robustness Principle" cannot, and MUST NOT, be used as a
> poor excuse to justify invalid attempts to shove policy rules at sites
> that have every right to choose their own policies. Robustness must
> also never come at the expense of security.


Claiming again and again that HELO has security significance won't give
it any.

> No site is required to accept every SMTP transaction fed to it. Every


I know. And never wrote something dissenting. So I don't know why you
write all this to me. What is your point? "I'm not violating robustness
principle!"? If you prefer to think that way, then do it. I disagree,
but (unlike other people) I'm not missionary enough for trying to
convince you.

> The robustness principle is _only_ about the low-level bits and bytes


It is not. E.g., most ip-stacks throw aways packets with wrong
checksums. And I would say that is even an improvement to robustness.

> and syntax wiggles within a "relaxed" protocol specification such as


yeah, and whether HELO data is something important or not is totally
left to the site owner.

> that for SMTP. I.e. it's about allowing clients to send commands made
> up of lowercase letters when the specification only refers to use of
> uppercase letters; or about allowing extra whitespace where only one
> space might be specified.


or sending any random string where totally unimportant data is asked.