I take it other fokes can reproduce this problem I am seeing? If you definately think its a problem with TB will you raise a ticket with Mozilla? As I am kinda stuck with my TB clients using ASSP since I have updated to version 2.
Thanks again Paul On Mon, 3 Oct 2011 11:50:03 +0200, Thomas Eckardt wrote: >>> Oct-01-11 20:58:06 [Worker_1] 10.1.10.149 [SMTP Error] 554 5.7.1 >>> Misbehaved SMTP session (EarlyTalker) > > What is assp doing? > ASSP analyzes the SMTP command handshake (sequence of command and > reply) > of the client and server. > Every client and server has to follow the SMTP RFC's. > > An valid SMTP session start looks as follows: > > 1. client connects to the server over TCP > 2. server sends '220 welcome or any other text' > it is also possible to send more than one line in the server greeting > - > for example: > 220-welcome to me > 220-please follow the RFC > 220 mail server is now ready > > notice the '220-' and '220 ' - every client has to wait until he > receives > the line '220 ' (without the '-') > > If the client sends any command (the first has to be HELO or EHLO) > before > he received the '220 ....' greeting, this is a misbehave in SMTP and > this > is penalized by assp. > Currently all sessions with this misbehave are dropped immediatly. > > My idea was, to allow such a misbehave for all outgoing mails and > 'accepAllMail' IP's - but I'm not sure if this idea is a good one. > Because > if a local PC gets highjacked by a bot - this check could help to ban > it. > > I'll revert my currently done code changes. ASSP should not allow any > SMTP > misbehave - how ever, this check could be disabled in the next > release by > setting 'etValencePB' to zero. > > > Thomas > > > > > > Von: Paul Farrow <[email protected]> > An: ASSP development mailing list > <[email protected]> > Datum: 03.10.2011 03:33 > Betreff: Re: [Assp-test] Antwort: Re: Thunderbird SSL/TLS with > ASSP > Version 2 > > > > > > Thanks Thomas > > What I don't understand is this is Thunderbird 7.0.1 we are talking > about not some unknown mail client. Surely its unlikely that the > client > is the problem is it??? > > My friend is using Thunderbird (although I don't know what version at > this stage) and he doesn't appear to have this problem with ASSP > Version > 2 which is why I question is it something to do with my setup. > > Thanks > > Paul > > On Sun, 2 Oct 2011 18:51:03 +0200, Thomas Eckardt wrote: >>>that ASSP Version 2 has this issue >> >> This is not an ASSP issue - your client is doing bad SMTP. >> >>>when is the next release planned >> >> possibly tomorrow >> >> Thomas >> >> >> >> >> Von: Paul Farrow <[email protected]> >> An: ASSP development mailing list >> <[email protected]> >> Datum: 02.10.2011 13:43 >> Betreff: Re: [Assp-test] Thunderbird SSL/TLS with ASSP >> Version >> 2 >> >> >> >> >> >> Hi Thomas >> >> I kinda find it hard to believe that ASSP Version 2 has this issue, >> I >> wondered if it was something more to do with my setup. There must >> be >> lots of peeps out there that use Thunderbird. My next question is >> when >> is the next release planned as I would really like to get my >> Thunderbird >> clients working again without having to switch off SSL? >> >> Thanks for your quick reply and all you do for the ASSP project. >> >> Paul >> >> On Sun, 2 Oct 2011 11:21:06 +0200, Thomas Eckardt wrote: >>> Your client '10.1.10.149' is talking before the MTA has sent the >>> '220 >>> ...' >>> greeting - this is a SMTP misbehave. >>> The next release will ignore this mistake, if the mail is outgoing >>> or >>> the >>> sending IP matches accepAllMail. >>> >>> Thomas >>> >>> >>> >>> >>> Von: Paul Farrow <[email protected]> >>> An: <[email protected]> >>> Datum: 02.10.2011 03:09 >>> Betreff: [Assp-test] Thunderbird SSL/TLS with ASSP Version 2 >>> >>> >>> >>> >>> >>> Hi Guys >>> >>> I have just switched from ASSP Version 1 to ASSP Version 2 and >>> can't >>> get my Thunderbird (Mac or PC) clients to authenticate over >>> SSL/TLS. >>> >>> The error I see is >>> >>> Oct-01-11 20:58:06 [Worker_1] Connected: 10.1.10.149:49514 > >>> 70.88.29.81:465 > 70.88.29.81:45014 > 70.88.29.81:125 , 7-16 >>> Oct-01-11 20:58:06 [Worker_1] 10.1.10.149 Message-Score: added 25 >>> for >>> EarlyTalker, total score for this message is now 25 >>> Oct-01-11 20:58:06 [Worker_1] 10.1.10.149 [SMTP Error] 554 5.7.1 >>> Misbehaved SMTP session (EarlyTalker) >>> Oct-01-11 20:58:06 [Worker_1] Disconnected: 10.1.10.149 - command >>> list >>> was 'n/a' - used 1 SocketCalls >>> >>> I have QMail as the MTA behind ASSP if that is a clue and my >>> android >>> phone authenticates over SSL/TLS no problem. >>> >>> It all worked fine over ASSP Version 1 except for the known odd SSL >>> timeout error with attachments. >>> >>> Thanks in advance. >>> >>> Paul >>> >>> >>> >>> >>> >> >> > > ------------------------------------------------------------------------------ >>> All of the data generated in your IT infrastructure is seriously >>> valuable. >>> Why? It contains a definitive record of application performance, >>> security >>> threats, fraudulent activity, and more. Splunk takes this data and >>> makes >>> sense of it. IT sense. And common sense. >>> http://p.sf.net/sfu/splunk-d2dcopy2 >>> _______________________________________________ >>> Assp-test mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/assp-test >>> >>> >>> >>> >>> DISCLAIMER: >>> ******************************************************* >>> This email and any files transmitted with it may be confidential, >>> legally >>> privileged and protected in law and are intended solely for the use >>> of the >>> >>> individual to whom it is addressed. >>> This email was multiple times scanned for viruses. There should be >>> no >>> known virus in this email! >>> ******************************************************* >> >> >> >> >> > > ------------------------------------------------------------------------------ >> All of the data generated in your IT infrastructure is seriously >> valuable. >> Why? It contains a definitive record of application performance, >> security >> threats, fraudulent activity, and more. Splunk takes this data and >> makes >> sense of it. IT sense. And common sense. >> http://p.sf.net/sfu/splunk-d2dcopy2 >> _______________________________________________ >> Assp-test mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/assp-test >> >> >> >> >> DISCLAIMER: >> ******************************************************* >> This email and any files transmitted with it may be confidential, >> legally >> privileged and protected in law and are intended solely for the use >> of the >> >> individual to whom it is addressed. >> This email was multiple times scanned for viruses. There should be >> no >> known virus in this email! >> ******************************************************* > > > > > ------------------------------------------------------------------------------ > All the data continuously generated in your IT infrastructure > contains a > definitive record of customers, application performance, security > threats, fraudulent activity and more. Splunk takes this data and > makes > sense of it. Business sense. IT sense. Common sense. > http://p.sf.net/sfu/splunk-d2dcopy1 > _______________________________________________ > Assp-test mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/assp-test > > > > > DISCLAIMER: > ******************************************************* > This email and any files transmitted with it may be confidential, > legally > privileged and protected in law and are intended solely for the use > of the > > individual to whom it is addressed. > This email was multiple times scanned for viruses. There should be no > known virus in this email! > ******************************************************* ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
