Re: [Uta] how to log, was flake ho, was MTA-STS with lots of domains

Tue, 15 Jan 2019 06:52:42 -0800 

On Tue 2019-01-15 01:50:33 -0500, Viktor Dukhovni wrote:
> where the "TCP-Info" in the "BY" clause records the SNI name?  Is that
> right?  It is an interesting idea, but perhaps that boat had sailed
> many decades ago?  Starting with Sendmail versions going back to at
> least the mid 1980's, the "comment" after the "BY" clause has been
> used primarily used to record the MTA software version, though usages
> do very.  Here are some trace headers from a single message:
>
>   Received: from zardoc.esmtp.org (zardoc.esmtp.org [75.101.48.117])
>       (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
>       (No client certificate requested)
>       by mournblade.imrryr.org (Postfix) with ESMTPS id AB5307A3309
>       for <[email protected]>; Fri, 22 Jun 2018 16:30:20 +0000 (UTC)
>       (envelope-from [email protected])
>   Received: from x2.esmtp.org (localhost. [127.0.0.1])
>       by zardoc.esmtp.org (MeTA1-1.1.Alpha10.0) with ESMTPS
>       (TLS=TLSv1.2, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256, verify=OK)
>       id S000000000033346B00; Fri, 22 Jun 2018 09:30:18 -0700
>   Received: (from ...@localhost)
>       by x2.esmtp.org (8.14.6/8.12.10.Beta0/Submit) id w5MGUIOU003106
>       for [email protected]; Fri, 22 Jun 2018 09:30:18 -0700 (PDT)
>
> None of the "BY" clauses look like "TCP-Info".  Looking at Exim messages in
> my mailbox, it puts no comments after "BY".  Only your messages from Qmail
> seem to have transport related information int the comment following the
> "BY" clause...

the TCP-info and the Comment are distinct parenthetical clauses.  If you
read the ABNF from 5322 and 5321 closely, you can have both a
parenthetical TCP-info, followed by a parenthetical Comment.

So this is legitimate, afaict:

  Received: from bar.example.net (bar.example.net [192.2.0.156])
    with ESMTPS by foo.example.org (mx.example.org [192.2.0.15])
    (MailTransportAgentPro 1.2.1); Tue, 15 Jan 2019 09:49:30 -0500

The ambiguity comes in if there is exactly one parenthetical, and it
matches the ABNF for a TCP-info.  then it's not clear whether it was
intended as a TCP-info, or is a free-form comment that happened to
match.

    --dkg

_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta

Reply via email to