Re: [exim] STARTTLS before EHLO?

Top Pagina
Delete this message
Reply to this message
Auteur: Heiko Schlittermann
Datum:  
Aan: exim-users
Onderwerp: Re: [exim] STARTTLS before EHLO?
Jakob Hirsch <jh@???> (Di 07 Feb 2006 13:28:36 CET):
> Heiko Schlittermann wrote:
>
> > should exim support receiving a STARTTLS *before* receiving an EHLO?
>
> no.
> Well, it wouldn't hurt (just like allowing AUTH before EHLO), but why? No
> proper client would do it.


Hey - I didn't ask for implementing it. :)

>
> >     openssl s_client -connect ssl.schlittermann.de:25  -starttls smtp
> >       503 STARTTLS command used when not advertised..

>
> Which openssl version is this? 0.9.7f (on FC4) sends "EHLO some.host.name"
> before STARTTLS.


    OpenSSL 0.9.7e 25 Oct 2004
    and
    OpenSSL 0.9.8a 11 Oct 2005


both do not send 'EHLO'. (Debian)


> I'd say: A server is not required to enforce EHLO before using extensions,
> but it is also not required to allow them before he has announced them
> through an ESMTP response.
>
> Anyway, RFC 821 says: "The first command in a session must be the HELO

                                                        ~~~~

> command.", changed by RFC 1869, 4.1.1:
>
>    RFC 821 states that the first command in an SMTP session must be the
>    HELO command. This requirement is hereby amended to allow a session
>    to start with either EHLO or HELO.



... that's what I needed to know :) Thank you.


    Best regards from Dresden
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -