On 2016-05-05 17:08, Todd Herr wrote:
> Forgive me if this is off topic, but I don't know where else to turn.
> I've got a customer who's having trouble sending mail to two domains
> with nothing obvious (to me) in common save for one thing; both
> domains' primary MXen look to be sitting behind Cisco PIX devices with
> Mailguard turned on. I know this because of the greeting I get from both:
> 220 *******************************************************************
> Now, everything I can find about these devices says that they only
> allow seven SMTP commands:
> HELO, MAIL, RCPT, DATA, RSET, NOOP, QUIT
> And they're supposed to respond with OK to everything else. These two
> domains, again not obviously related, mail servers in different /8s,
> don't even do that, though; both of them are responding in
> unsuspected ways even to commands from the above list, to wit:
> RSET
> 500 Syntax error, command unrecognized
> QUIT
> 500 Syntax error, command unrecognized
> I've never wrangled one of these beasts (haven't even *seen*
> evidence of one in many years) so I'd like to ask you fine folks if
> you've ever seen anything like this from one of these, and what it
> means for their configuration? I mean, is this a common
> bug/misconfiguration, or have I just hit the lottery?

They're broken by design and not fit for purpose. Among their many
flaws, they don't even make it to RFC821 3.1, the MAIL command, which is
described as the following:
MAIL <SP> FROM:<reverse-path> <CRLF>
Instead, when they receive a "M" in a packet alone, they interpret it as
an invalid command and don't bother to parse the rest of the command.
However, if you deliver the whole command in one TCP packet, they will
accept it. This is patently stupid.
Although TCP won't generally break up such a short string into multiple
packets there's actually nothing wrong with doing so and there's no
requirement in RFC 821 to send each command in a single packet. It also
makes troubleshooting difficult since telnet and similar tools often
send each byte as you type it rather than waiting for the <CRLF>. If you
can configure your tool to send whole lines, you'll run into other
stupidity, but it will at least attempt to recognize commands.
Given that RFC 821 is from August of 1982, I would wholeheartedly
recommend unplugging them until they catch up to at least 1984, or if
that's not possible, at least disable the SMTP-breaking "feature". Even
Microsoft published a how-to article on the topic:
https://support.microsoft.com/en-us/kb/320027
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
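
The behaviour described in the reply above, as an added example that is not part of the original message and not code from any device: a simplified Python model of a filter that judges each TCP segment as a whole command, next to one that buffers the stream until <CRLF>. The class names, the PASS marker and the sample segments are constructed for illustration; the command list and the 500 reply are the ones quoted in the thread.

```python
# Added illustration: a simplified model of the behaviour described in this
# thread, not code from any device. Names and sample input are constructed.
ALLOWED = {b"HELO", b"MAIL", b"RCPT", b"DATA", b"RSET", b"NOOP", b"QUIT"}
REJECT = "500 Syntax error, command unrecognized"  # reply quoted in the thread

def verdict(data):
    """PASS if the first word is an allowed verb, otherwise the 500 reply."""
    words = data.split()
    return "PASS" if words and words[0].upper() in ALLOWED else REJECT

class PerSegmentFilter:
    """The flaw: each TCP segment is judged as if it were a whole command."""
    def __init__(self):
        self._tail = b""  # non-empty while skipping the rest of a rejected line

    def feed(self, segment):
        if self._tail:  # still inside a command that was already rejected
            self._tail = (self._tail + segment)[-2:]
            if self._tail == b"\r\n":
                self._tail = b""
            return []
        reply = verdict(segment)
        if reply == REJECT and not segment.endswith(b"\r\n"):
            self._tail = segment[-1:] or b"?"
        return [reply]

class LineBufferedFilter:
    """Stream-correct: buffer bytes, judge only complete <CRLF>-ended lines."""
    def __init__(self):
        self._buf = b""

    def feed(self, segment):
        self._buf += segment
        *lines, self._buf = self._buf.split(b"\r\n")
        return [verdict(line) for line in lines]

def run(filt, segments):
    """Feed TCP segments through a filter and collect every reply."""
    return [reply for seg in segments for reply in filt.feed(seg)]

# Constructed input: one command per segment, a lone "M" first, and a
# command typed into a client that sends every keystroke separately.
WHOLE = [b"MAIL FROM:<sender@example.org>\r\n"]
SPLIT = [b"M", b"AIL FROM:<sender@example.org>\r\n"]
TYPED = [bytes([b]) for b in b"QUIT\r\n"]

if __name__ == "__main__":
    for name, segs in (("whole", WHOLE), ("split", SPLIT), ("typed", TYPED)):
        print(name, run(PerSegmentFilter(), segs), run(LineBufferedFilter(), segs))
```

Only the per-segment model rejects the split and typed inputs; the line-buffered one passes all three, which is why a test client that sends whole lines gets further against such a device than an interactive telnet session.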