
Re: default MTA



On Thursday, June 06, 2013 16:30:48, Roger Lynn wrote:
> On 06/06/13 14:00, Chris Knadle wrote:
> > On Wednesday, June 05, 2013 15:35:14, Marc Haber wrote:
> >> On Sun, 2 Jun 2013 19:53:59 -0400, Chris Knadle
> >> 
> >> <Chris.Knadle@coredump.us> wrote:
> >> >Attempting to use an FQDN is also troublesome, because Exim tries to
> >> >use DNS to look up the FQDN, and falls back to using 'uname -n' which
> >> >returns the local hostname without a domain name.  The SMTP RFCs
> >> >require the HELO/EHLO information to contain an FQDN or an IP address
> >> >in [] brackets, and some mail systems reject connections containing
> >> >non-conforming HELO/EHLO greetings.
> >> 
> >> Smarthosts are usually a lot more forgiving in that regard.
> > 
> > Maybe so, but the smarthosts I run aren't, so I don't have the
> > expectation that others are.  ACL rules for both Exim and Postfix for
> > blocking noncompliant EHLO/HELO greetings are commonly suggested.
> 
> The smarthosts run by ISPs that most people will be using by default have
> to accept mail direct from MUAs such as Outlook and Thunderbird which will
> often be unable to generate compliant greetings. The pickier settings are
> more often used on incoming servers which expect to have proper SMTP
> servers speaking to them.

I think that's true, however I'd still rather not _count on_ that always being 
the case.  The RFCs accept [<IP_address>] such as [192.168.1.1] as an EHLO/HELO 
greeting, and that's something that's always available and should work with 
smarthosts that have more strict EHLO/HELO checks.

> >> >> I don't think you need MAIN_TLS_ENABLE to do TLS as a client.
> >> >
> >> >Tested this... looks like this is true.  :-)  Cool.  [I'm pretty sure
> >> >this wasn't always the case, but I'm glad it is now.]
> >> 
> >> Afair, it was always the case.
> > 
> > Okay -- I'll take your word for it.  ;-)
> 
> The upstream spec for Exim 3.30 from 2001 says: "It is not necessary to set
> any options to have TLS work in the smtp transport. If TLS is advertised by
> a server, the smtp transport will attempt to start a TLS session."

Yep, that's definitive.  Thanks for taking the time to look this up.

  -- Chris

--
Chris Knadle
Chris.Knadle@coredump.us
GPG Key: 4096R/0x1E759A726A9FDD74
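
Added example, not part of the original message and not Exim or Postfix code: a sketch of the strict EHLO/HELO check discussed in this thread, together with the address-literal fallback for a client whose hostname has no domain. The names classify_helo and choose_greeting are hypothetical, the "at least two labels" rule is an assumed strict policy, and all sample values are constructed.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens, no leading or trailing hyphen.
_LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")


def classify_helo(arg):
    """Classify an EHLO/HELO argument as 'fqdn', 'address-literal' or 'noncompliant'."""
    if arg.startswith("[") and arg.endswith("]"):
        inner = arg[1:-1]
        try:
            # IPv6 literals carry an "IPv6:" tag inside the brackets.
            if inner.lower().startswith("ipv6:"):
                ipaddress.IPv6Address(inner[5:])
            else:
                ipaddress.IPv4Address(inner)
        except ValueError:
            return "noncompliant"
        return "address-literal"
    labels = arg.split(".")
    if len(arg) > 255 or not all(_LABEL.fullmatch(label) for label in labels):
        return "noncompliant"
    # Assumed strict policy: a bare hostname (what 'uname -n' often returns)
    # is not an FQDN, and an all-numeric last label is a bare IP address
    # sent without the required brackets.
    if len(labels) < 2 or labels[-1].isdigit():
        return "noncompliant"
    return "fqdn"


def choose_greeting(hostname, local_ip):
    """Client side: greet with the FQDN if there is one, else with [address]."""
    if classify_helo(hostname) == "fqdn":
        return hostname
    addr = ipaddress.ip_address(local_ip)
    return f"[IPv6:{addr}]" if addr.version == 6 else f"[{addr}]"


if __name__ == "__main__":
    # Constructed sample greetings.
    for sample in ["mail.example.org", "laptop", "[192.168.1.1]", "192.168.1.1"]:
        print(f"{sample!r:22} -> {classify_helo(sample)}")
    print(choose_greeting("laptop", "192.168.1.1"))
```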

