[FW1] 4.1 smtp security server not fully rfc821 compliant, <#@[]> 'invalid address syntax'

Tue, 20 Jun 2000 11:36:16 -0700 


platform: 4.1 SP1+Hotfix 41603 [VPN + DES + STRONG], Solaris 7


hi list,
it looks like the fw-1 smtp security server isn't fully RFC821
compliant. Mails with a sender address <#@[]> are accepted by the smtp
security server with a reply code '250 Ok'. This means according RFC821
everything is fine: "250 Requested mail action okay, completed".
Nevertheless they are not delivered to the final destination 
by the fw-1 mail dequeuer.

The trouble is caused by the fw-1 mail dequeuer which logs 
"failed: 553 Invalid address syntax" and drops the mail silently! This
means bounces (<#@[]> usually are bounces) do vanish on the firewall
system without notice. My customer doesn't really like the idea that 
mails are vanishing on his firewall system. <#@[]> is supposed to be
a valid address.


Attached you'll find some verbatim stuff documenting in more detail 
what I'm talking about.

Olaf
-- 
Olaf Selke, [EMAIL PROTECTED], voice +49 5241 80-7069


======= the sender <#@[]> is accepted and confirmed with code 250 ======

root@mx [/] >>telnet internal 25
Trying ...
Connected to internal.mediaways.net.
Escape character is '^]'.
220 CheckPoint FireWall-1 secure SMTP server
mail from: <#@[]>
250  <#@[]>... Sender ok
rcpt to: <[EMAIL PROTECTED]>
250  <[EMAIL PROTECTED] Recipient ok
data
354 Enter mail, end with "." on a line by itself
test with <#@[]>
.
250 Ok
quit
221 Closing connection
Connection closed by foreign host.

=== the mail is placed into the spool dir, good ==========

19:38:03 accept firewall >daemon proto tcp src mx.mediaways.net dst 
internal.mediaways.net service smtp s_port 61123 agent mail server orig_from <#@[]> 
orig_to <[EMAIL PROTECTED]> rule 19 

=== the mail can't be dequeued and is dropped silently, that's very very bad!

19:38:34 reject firewall >daemon proto tcp src mx.mediaways.net dst 
internal.mediaways.net service smtp s_port 61123 agent mail dequeuer orig_from <#@[]> 
orig_to <[EMAIL PROTECTED]> from <#@[]> to <[EMAIL PROTECTED]> 
rule 19 reason <mail from: <#@[]>> failed: 553 Invalid address syntax




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to