PureMessage RFC2821 violation..... And Support doesn't care...

Hello Jim,

the transaction you posted is IMO not exactly a violation (However, in practice, some servers do not perform recipient verification until after the message text is received. These servers SHOULD treat a failure for one or more recipients as a "subsequent failure" and return a mail message as discussed in section 6) although not full compliance (and I'm not sure I'd expect 555 here).

However the following cases would be a violation:

1. A 5xx reply on the <CRLF>.<CRLF> if at least one of the recipients is valid
2. A 250 reply on a VRFY command with an invalid address (and a 500|502 reply not being fully compliant)

Incidentally from your example I'm not sure I fully understand what you are trying achieve (or to avoid) and what you've set up.

Christian

Hi,

     What I'm trying to do is protect us from a backscatter attack.  We were doing recipient forwarding (and validation) at the edge.  We recently changed the edge machines to forward email that we don't reject as spam to internal systems for forwarding.  Given that we should do recipient validation at the edge.

     PureMessage is failing rfc2821 in two ways.  First my example above.  Second is in the "subsequent failure" you reference in section 6.  Below the jwh2222222222222@cornell.edu is an invalid address, the jwh2@cornell.edu and ctb38@cornell.edu are valid and receive the email.  In the Sendmail log you see the jwh2222222222222@cornell.edu recipient deleted from the recipient list.  The sender should receive a bounce message ("subsequent failure" ) but does not.  The message goes into the bit bucket, I can't find any trace of it.  I hope you have a clearer understanding now.

May 17 11:27:49 maxima sendmail[26072]: p4HFQpqf026072: Milter delete: rcpt jwh2222222222222@cornell.edu

jwh2-3:~ JimHowell$ telnet maxima.mail 25
Trying 128.253.83.156...
Connected to maxima.mail.cornell.edu.
Escape character is '^]'.
220 maxima.mail.cornell.edu ESMTP Sendmail 8.14.4/8.14.4; Tue, 17 May 2011 11:26:51 -0400
helo lost.net
250 maxima.mail.cornell.edu Hello jwh2-3.cit.cornell.edu [128.253.64.161], pleased to meet you
mail from: jwh2@cornell.edu
250 2.1.0 jwh2@cornell.edu... Sender ok
rcpt to: jwh2@cornell.edu
250 2.1.5 jwh2@cornell.edu... Recipient ok
rcpt to: jwh2222222222222@cornell.edu
250 2.1.5 jwh2222222222222@cornell.edu... Recipient ok
rcpt to: ctb38@cornell.edu
250 2.1.5 ctb38@cornell.edu... Recipient ok
data
354 Enter mail, end with "." on a line by itself
silly test
.
250 2.0.0 p4HFQpqf026072 Message accepted for delivery
quit
221 2.0.0 maxima.mail.cornell.edu closing connection
Connection closed by foreign host

Thanks for the clarification, Jim.

Can't help you with PureMessage as I'm not responsible for PureMessage or the mail system at our site - I was just curious (having been "postmaster" for quite some time since the days before RFC0974).

The sender should receive a bounce message

While this is the behaviour required by the RFC that's probably something you don't want to happen if someone sends mail with a bogus MAIL FROM validaddress@cornell.edu as validaddress will then get "unsolicited" non-delivery reports. I've asked my co, we do recipient validation but entirely in Postfix before PureMessage gets involved. 

Christian