Minor softwares for use with qmail

These are some minor softwares for use with Dan Bernstein's qmail.

Changing qmail-smtpd to be in line with RFC 2821 section 4.2.4

This patch modifies the behaviour of qmail-smtpd so that it responds with a 500 error code to unrecognised SMTP commands instead of a 502 error code.

RFC 2821 section 4.2.4 says

502 SHOULD be used when the command is actually recognized by the SMTP server, but not implemented. If the command is not recognized, code 500 SHOULD be returned.

Stock qmail-smtpd does not have a "recognized, but not implemented" category of commands. A command is either recognised and implemented, or not implemented and not recognised. However, the patch allows for such commands to be added in the future (by the simple expedient of explicitly making err_unimpl() the implementation of the relevant command).

This is not a qmail-smtpd bug, for two reasons:

Changing qmail-smtpd to abort the session if an HTTP verb is used.

This patch modifies the behaviour of qmail-smtpd so that if a GET, POST, or HEAD verb is used, it will respond with a 221 code and abort the session.

A common abuse is to send mail by having the back end of a proxy HTTP server connect to an SMTP Relay server, and perform an SMTP transaction under the mistaken belief that it is performing an HTTP transaction.

This patch is a simple way of avoiding SMTP Relay clients that are actually the back ends of proxy HTTP servers. It simply aborts the session when it encounters an HTTP verb.

The risk of using this patch is that one's SMTP Relay service will be incompatible with any future extension to the SMTP protocol that employs those verbs.

Removing the bodge that works around a BIND version 4 problem

This patch modifies the behaviour of qmail-remote to remove the workaround that Dan Bernstein added on 1996-10-03 to work around a bug in BIND versions earlier than version 4.9.4.

Applying this patch incurs a risk, but yields a benefit. It is published in order to allow others to experiment with removing the workaround.

The risk is twofold:

The benefit of this patch is that it reduces DNS query traffic and proxy DNS server cache load.


© Copyright 2003–2004 Jonathan de Boyne Pollard. All rights reserved. "Moral" rights asserted.
Permission is hereby granted to copy and to distribute this web page in its original, unmodified form as long as its last modification datestamp information is preserved.