David Hofstee wrote:
Hi,
I've an interesting RFC question. In an SMTP reply, one can have
single line or multiline replies. E.g.
521 single line reply
or
521-Line one
521-Line two
521 Line three
Correct.
See also https://tools.ietf.org/html/rfc821#page-50 .
My question is: The reply
Hi,
I've an interesting RFC question. In an SMTP reply, one can have single
line or multiline replies. E.g.
521 single line reply
or
521-Line one
521-Line two
521 Line three
See also https://tools.ietf.org/html/rfc821#page-50 .
My question is: The reply is an answer that is, necessarily,
Yes, I know. The subsequent RFCs 2821 and 5321 are equally unclear on this,
I think.
But it is a bit weird to say the human-readable text is for humans only.
Since it is transferred via SMTP, the RFC should define how to handle it.
And it is ambiguous. I would like option 1 best.
David
On 7
Hi David,
Given this example from an SMTP trace:
550-5.7.1 [X.X.X.X 18] Our system has detected that this message is
550-5.7.1 likely suspicious due to the very low reputation of the sending IP
550-5.7.1 address. To best protect our users from spam, the message has been
550-5.7.1 blocked.
David Hofstee wrote:
> Now if you're talking about what goes to syslog
Yes, that is indeed what I am talking about. Or more precise: I get
some reply from the server. What value is it supposed to represent.
There is no definition in the standards because it's the human readable
response
Google messages are simply wrapped at 76 chars, so "unfolding" is
always right with their messages, but I've sees ascii arts in
multiline responses too and if you remove newlines you break the art!
:-)
OK, ignoring ascii arts, you'll still find messages like this one:
550-5.7.0 Message
Struggling a bit to understand a development this morning about MTAs being
listed on Spamhaus for a CBL listing for something called c_sludge. The Googles
has really nothing helpful about what c_sludge is.
Thoughts? Tips?
Kirk MacDonald
System Analyst II
Internet
Eastlink
I'm not sure if this answers your question, but there is a virus with
that signature name from 2012/2013, e.g 'VBS_SLUDGE.C' (trendmicro).
samples (available via vt):
dc8da24b429b9e8c41a7ec87e0c69472ea47fe0d
7b7a22e0c819800cc25c55994cdb5ccb3f936ee4
the obfuscated vbs comes down to:
var z2 =
Just wanted to add my two bits..
From our experience, multi-line greetings/responses, while they SHOULD
be supported by all SMTP senders, in the real world there still is
enough problems that perhaps 10% of our ISP/Telco customers were forced
to turn off multi-line greetings/responses, to
