|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Wietse Venema (wietse
porcupine.org)
Date: Sat Dec 01 2007 - 20:51:15 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Victor Duchovni:
> On Sat, Dec 01, 2007 at 10:43:53PM +0000, Keean Schupke wrote:
>
> > have added a dsn_valid() check, and swapped to using strtoul, along
> > with unsigned long for all time values... no negative times.
>
> In http://tools.ietf.org/html/rfc4954#section-6, the enhanced status
> code for AUTH failures is defined as:
>
> 535 5.7.8 Authentication credentials invalid
>
> which extends:
>
> http://tools.ietf.org/html/rfc3463#section-3.8
>
> which only defines 5.7.0-5.7.7
>
> It may be appropriate to further check the enhanced status code (if
> present) and skip responses where 535 is accompanied by an enhanced
> status code other than 5.7.8. On the other hand, the 535 response is not
> currently supposed to be accompanied by any other enhanced status code,
> so this may be too pedantic.
As long as Postfix recognizes the 535 SMTP status in this very
specific context (AUTH request) there should be no need to require
a specific enhanced status code.
It is the SMTP client's job to translate protocol-specific server
replies (535 5.7.8 yadda yadda) into something meaningful (suspend
all further usage of this password for this user and server).
Is there a need for the SMTP client to make a sanitized version of
the server reply available to other software? If not, then why
bother.
Wietse
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]