Sendmail applet may need to validate on RCPT

Gustavo Zacarias gustavo at zacarias.com.ar
Fri Mar 27 19:30:19 UTC 2009


Vladimir Dronnikov wrote:

> Hello, Gustavo!

Hi Vladimir.

> What do you mean by "proper"? Full-blown?

Against a sendmail (www.sendmail.org) server.

> Is this the problem of BB sendmail, or none sendmails can do that?
> I've no linux distribution, so can't check it myself.

At the moment (busybox 1.13.3 for me) the sendmail applet tries to AUTH
only if a MAIL FROM fails.
In my mail server i've got rules that specify that you need to be
authenticated to relay messages (send messages to other domains from
non-local IP addresses).
May internet service providers require users to authenticate before
sending mail.

> We should first consult SMTP RFCs for validity of such a scenario. Can
> anyone on the list fetch the answer right off his "cache"? :)

http://tools.ietf.org/html/rfc2554 is the RFC we should look into.
http://qmail.jms1.net/test-auth.shtml -> qmail hints that AUTH should go
before MAIL FROM.
The deal is that sendmail.org knows if you need to auth only when it
knows who the mail is addressed to. Depending on configuration options
if the "to" is a server-handled domain then it won't need auth. But if
the mail is going somewhere else it needs your user/password to allow this.
The RFC basically says that you AUTH before EHLO or during FROM.
At the moment busybox tries to AUTH only if necessary by checking the
SMTP answer.
An option would be required to "force" AUTH before FROM (or just enable
it for that matter) otherwise it could sleep on cred not being available
or being unnecessary on a tty.

Regards.


More information about the busybox mailing list