关于私人网段发 email 被 reject 是不是违规现象
zher 一直没有给我出处,导致我误会 zher 是随便忽悠我的。
现在我有足够的证据相信是我太敏感了。 zher 讨论的态度是认真的。
我仔细看了一下 RFC 5321:
我猜 zher 想引用的是这个: section 4.1.4
An SMTP server MAY verify that the domain name argument in the EHLO
command actually corresponds to the IP address of the client.
However, if the verification fails, the server MUST NOT refuse to
^^^^^^^^^^^^
accept a message on that basis. Information captured in the
verification attempt is for logging and tracing purposes. Note that
this prohibition applies to the matching of the parameter to its IP
address only; see Section 7.9 for a more extensive discussion of
^^^^^^^^^^^^^^^^^^
rejecting incoming connections or mail messages.
我现在可以理解 zher 为什么说这个是违法协议了。这里提到了 MUST NOT
refuse。 但是这里说的是不能因为 DNS 和 IP 不 match 来拒绝是违反
协议的。我们讨论的并不是 DNS 和 IP 不配对,是 IP 所在的 range 按照
ISP 协议不应该发 email. 这里也提到了看 7.9 更加详细的描述。
真正覆盖这个 spam 的是 section
6.2. Unwanted, Unsolicited, and "Attack" Messages
里面同样提到 Section 7.9
然后我在 7.9 找到这个:
7.9. Scope of Operation of SMTP Servers
It is a well-established principle that an SMTP server may refuse to
accept mail for any operational or technical reason that makes sense
to the site providing the server. However, cooperation among sites
and installations makes the Internet possible. If sites take
excessive advantage of the right to reject traffic, the ubiquity of
email availability (one of the strengths of the Internet) will be
threatened; considerable care should be taken and balance maintained
if a site decides to be selective about the traffic it will accept
and process.
这个是说不鼓励随便乱拒绝服务,但是没有用 Must Not 的字眼。
然后后面这一段是专门讲述了我提到的 ISP Non-MTA client IP range
的现象的:
In recent years, use of the relay function through arbitrary sites
has been used as part of hostile efforts to hide the actual origins
of mail. Some sites have decided to limit the use of the relay
function to known or identifiable sources, and implementations SHOULD
provide the capability to perform this type of filtering. When mail
is rejected for these or other policy reasons, a 550 code SHOULD be
used in response to EHLO (or HELO), MAIL, or RCPT as appropriate.
所以 RFC 5321。 Section 7.9 描述了 ISP 和其他 email server 这么
做是*符合*协议的。并给出了建议做法: (SHOULD response 550).
所以,结论是:
1) zher 不是随便拿个协议来忽悠我,我误会了 zher.
zher 是真的相信有这个协议,真的相信有违规现象。
我被那个 "IPS 协议” 忽悠了因为查了一下 IPS 神马玩意都不是。
zher 同学的态度是认真严肃的,这里向 zher 同学郑重道歉。
2)这个出处是有的,但是我觉得 zher 的理解是错的。这个是符合协议的。
真正对应的是 section 7.9 专门描述这种现象并给出建议。我不知道
我的理解对不对,还希望指正。
Any way, 我对搞清楚技术问题真相的兴趣远远大于证明谁对谁错。
这其中有很多对 zher 冒犯还请原谅。
SSA