Overview
Examples
Screenshots
Comparisons
Applications
Download
Documentation
Tutorials
Bazaar
Status & Roadmap
FAQ
Authors & License
Forums
Funding Ultimate++
Search on this site
Search in forums












SourceForge.net Logo
Home » U++ Library support » U++ MT-multithreading and servers » smtp problem
smtp problem [message #28661] Thu, 09 September 2010 22:15 Go to next message
Zbych is currently offline  Zbych
Messages: 307
Registered: July 2009
Senior Member
Hi,

Do you guys know why SmtpMail from Web package uses domain from e-mail "from" field in HELO command instead of client address or domain name?

When I send email with "from" field set to "xxx@poczta.onet.pl" SmtpMail uses "poczta.onet.pl" in HELO command and server returns "553 5.7.1 Invalid EHLO command [HELO poczta.onet.pl], EHLO should contain FQDN, see RFC 2821"

What is more strange to me, if I replace client domain name with smtp server domain name (HELO smtp.poczta.onet.pl) everything is ok.

Is it normal behavior or this smtp server is odd?
Re: smtp problem [message #28663 is a reply to message #28661] Fri, 10 September 2010 08:12 Go to previous messageGo to next message
Sc0rch is currently offline  Sc0rch
Messages: 99
Registered: February 2008
Location: Russia, Rubtsovsk
Member

Zbych wrote on Fri, 10 September 2010 03:15

Hi,
Is it normal behavior or this smtp server is odd?


As I know, "from" field in SmtpMail is just for information, maybe the package uses the part of string to define default SMTP-server (poczta.onet.pl). Always use domain/host method for alternative SMTP-server (in your case - smtp.poczta.onet.pl).

I don't have TheIDE at work =( sorry, if I wrong.

Best regards,
Anton
Re: smtp problem [message #28664 is a reply to message #28663] Fri, 10 September 2010 09:16 Go to previous messageGo to next message
Zbych is currently offline  Zbych
Messages: 307
Registered: July 2009
Senior Member
Sc0rch wrote on Fri, 10 September 2010 08:12


maybe the package uses the part of string to define default SMTP-server (poczta.onet.pl)


Yes, it does:

String org;
		int pos = from.Find('@');
		if(pos >= 0)
		{
			int start = ++pos, len = from.GetLength();
			while(pos < len && from[pos] != '>')
				pos++;
			org = from.Mid(start, pos - start);
		}
		else
			org << ipaddr;

		SendRecvOK(socket, "HELO " + org + "\r\n", trans_ptr);


Question is why some servers reject this domain and accept smtp domain?
Re: smtp problem [message #28678 is a reply to message #28664] Sat, 11 September 2010 17:14 Go to previous messageGo to next message
Mindtraveller is currently offline  Mindtraveller
Messages: 916
Registered: August 2007
Location: Russia, Moscow rgn.
Experienced Contributor

Servers usually accept login which is equal to "FROM:" record because of their internal options. It is done to fight spam and phishing. For example, one may send someone email and make FROM: admin@google.com with request to change user's password on some links which redirects to his deface/phishing resource. To prevent it, those mail servers which are well configured, prevent you from using names different from your login.
Re: smtp problem [message #28680 is a reply to message #28678] Sat, 11 September 2010 19:44 Go to previous message
Zbych is currently offline  Zbych
Messages: 307
Registered: July 2009
Senior Member
Mindtraveller wrote on Sat, 11 September 2010 17:14

Servers usually accept login which is equal to "FROM:" record because of their internal options. It is done to fight spam and phishing.


HELO has nothing to do with authorization.
According to RFC 821 smtp client uses HELO to tell sever who he is (smtp client should send his ip address or domain name).

Quote:


5.2.5 HELO Command: RFC-821 Section 3.5

The sender-SMTP MUST ensure that the <domain> parameter in a HELO command is a valid principal host domain name for the client host. As a result, the receiver-SMTP will not have to perform MX resolution on this name in order to validate the HELO parameter.

The HELO receiver MAY verify that the HELO parameter really corresponds to the IP address of the sender. However, the receiver MUST NOT refuse to accept a message, even if the sender's HELO command fails verification.

DISCUSSION:

Verifying the HELO parameter requires a domain name lookup and may therefore take considerable time. An alternative tool for tracking bogus mail sources is suggested below (see "DATA Command").

Note also that the HELO argument is still required to have valid <domain> syntax, since it will appear in a Received: line; otherwise, a 501 error is to be sent.

IMPLEMENTATION:

When HELO parameter validation fails, a suggested procedure is to insert a note about the unknown authenticity of the sender into the message header (e.g., in the "Received:" line).

Previous Topic: Socket: SYN_SENT stalled when ipscan connections in CoWork (MT)
Next Topic: Basic MT queries
Goto Forum:
  


Current Time: Tue Aug 20 03:51:10 CEST 2019

Total time taken to generate the page: 0.01953 seconds