Next: Commands omitted on purpose
Up: Characteristics of a SMTP
Previous: RFC 821 and security
  Contents
MAIL, RCPT and DATA are the three most important
commands, indispensable in order to send a mail, so they must obviously be implemented.
However, to implement them does not mean to blindly allow them - The greatest
benefit in using wrappers is that we can monitor every single byte that goes
into our system. We can watch for the following information in each of these
commands:
- MAIL should check whether the user originating the mail comes from
a RBL-blocked IP address and drop his connection; it can also check if the mail
comes from an site authorized to relay. If it comes from an unauthorized site
the wrapper should only raise a flag, for it may be a mail meant to be delivered
to a local user.
- RCPT should allow setting a maximum number of message recipients -
If we do not allow a message to be sent to more than ten people at a time we
will make life harder for a potential spammer. Of course, some users may want
to send a mail to many people at once, so we should not set this number too
low. There must exist an option to ignore the number of recipients, in case
an administrator prefers not to restrict this.
- DATA can limit a message's size. Additional checks could be made at
this point, such as having a different behavior for different users or reacting
to a mail's content, not just to its envelope, but are not implemented in this
version.
- HELO could check if the given address matches the originator's IP address
and log it if it does not. However, most mail programs nowadays will still issue
a HELO, but with a dummy address because they are often located on computers
with no permanent IP address. It is a better decision just to check the format
of the answer, and --of course-- check it against maxLineLength.
- RSET can be cleanly passed on to the real SMTP server.
- QUIT can be cleanly passed on to the real SMTP server.
Next: Commands omitted on purpose
Up: Characteristics of a SMTP
Previous: RFC 821 and security
  Contents
Gunnar Wolf
2001-03-12