strict interpretation of rfc (2)821 for mail from an rcpt to commands
RFC (2)821 doesn't allow a space between the colon and the mail
address in the
So a strict check of the syntax can block quite a lot of mail and worms. According to Claus Assmann, sendmail X will check the syntax strictly. I have modified qpsmtpd to do this (but also implemented a whitelisting feature to allow for broken MTAs).
Here are some results:
Broken MTAs
A list of probably legitimate MTAs which include spurious spaces in MAIL and RCPT commands:
| IP-Address | SMTP banner | Software |
|---|---|---|
| 195.248.57.67 | 220 **************************************************************0*************************200***0****0***0*00 | Unknown - masked by a PIX firewall |
| 62.225.35.170 | 220 - MAILSCAN1 eSafe SMTP Service 4.2.533.2 ready 16-Feb-2005 10:35:34 | Aladdin eSafe |
| 80.120.11.114 | 220 mail.yellowbox.at Service ready by DvISE PostMan (0224) ESMTP Server (Tobit Software, Germany) | Tobit DvISE |
| 81.223.104.14 | 220 hoeftberger.net ESMTP MailEnable Service, Version: 1.71-- ready at 02/21/05 14:55:23 | ??? |
| 195.67.76.228 | 220 ** | Unknown - masked by a PIX firewall |