SMTP PIPELINING Correctness when using unrecognized command - smtp

While understanding SMTP PIPELINING RFC 2920 Section 3.2 indicates that a server supporting pipelining MUST NOT buffer responses to unrecognized commands. Is the ideal response to expect an SMTP Protocol Violation Error?
For example, here's a transcript without pipelining but when using an UNKNOWNCOMMAND:
C: EHLO domain
S: 250-ServerName ..... 250-PIPELINING
C: UNKNOWNCOMMAND
S: 500 Unrecognized Command
C: EHLO domain
S: 250-ServerName ..... 250-PIPELINING
With pipelining
C: EHLO domain
S: 250-ServerName ..... 250-PIPELINING
C: UNKNOWNCOMMAND\r\nEHLO domain
S: 500 Unrecognized Command
S: 250-ServerName ..... 250-PIPELINING
Is this the expected behavior or should the SMTP server not buffer responses to unknown commands and to specific commands like EHLO | DATA | NOOP (RFC 2920 Section 3.2 Point 5)? So for the pipelined UNKNOWNCOMMAND\r\nEHLO domain, should the server send only one 500 Unrecognized Command response and flush the TCP input buffer? Are the servers which exhibit this behavior adhering to a stricter constraints?

The relevant points of section 3.2 are:
(6) [The server] MUST NOT buffer responses to unrecognized commands.
(9) [The server] MUST NOT flush or otherwise lose the contents of the TCP input buffer under any circumstances whatsoever.
I interpret these two points as follows: If you send an unknown command followed by a known command in a "single" TCP packet, the server has to send its response to the unknown command immediately before it reads from its input again. In other words, you receive "two" TCP packets instead of one. Unless you monitor your network traffic (or measure the precise timing programmatically), you won't be able to notice the difference. As indicated by the point 9 above, the server may not reset its input buffer.
As a client, you can usually also send commands after EHLO and DATA immediately without any issues because most server don't look ahead in their input buffers. However, such a client violates the pipelining extension. Detecting this can be used as an anti-spam technique (see invalid pipelining in this Wikipedia article).

Related

Can the EHLO or HELO SMTP command be issued more than once?

In conforming rfc5321 SMTP implementations, can the EHLO or HELO command be issued more than once? If so, what effects should that have on the connection state?
All section 4.1.1.1 mentions is
A client SMTP SHOULD start an SMTP session by issuing the EHLO command. [...] In any event, a client MUST issue HELO or EHLO before starting a mail transaction. These commands, and a "250 OK" reply to one of them, confirm that both the SMTP client and the SMTP server are in the initial state, that is, there is no transaction in progress and all state tables and buffers are cleared.
That implies (though doesn't spell out) that if a transaction is in progress, sending an EHLO or HELO command is a sequencing error.
Despite the implication that the server must be in the initial state, this is allowed per section 4.1.4:
An EHLO command MAY be issued by a client later in the session. If it is issued after the session begins and the EHLO command is acceptable to the SMTP server, the SMTP server MUST clear all buffers and reset the state exactly as if a RSET command had been issued.
So the part about it "confirming" that both client and server are in the initial state must be read to mean that after the EHLO response has been received, the server must then be in the initial state, and the client must also be in the initial state (and an unexpected initial state on the client side may be the reason for the EHLO to begin with)

Problems sniffing IPV6 SYN - ACK Packets

I am using following filter expression to sniff IPv4/IPv6 SYN/ACK/FIN/RST packets. This works fine using tcpdump for IPv4 however for IPv6 I dont see any thing coming
tcp port 80 and (tcp[tcpflags] & (tcp-syn|tcp-ack|tcp-fin|tcp-rst) != 0)
Currently, TCPDump (and Wireshark) do not support embedded protocol BPF filters under IPv6. In order to find these packets, you would have to use BPF offsets and masks.
For example:
ip6 proto tcp and ip6[13+40]&0x17!=0
Here we are checking to see if TCP is the embedded protocol in the IPv6 header. From there, we are going 13 bytes into the TCP header and adding 40 bytes since we are referencing it from the start of the ip6 header. I'm assuming that you know already that 0x17 would be the mask to match what you have written (SYN|ACK|FIN|RST).
While there is a protochain option which can find TCP anywhere in the protocol chain, it really isn't practical to use BPF to track down which "Next Header" contains TCP (it should be the last one).
To add the port to the above, you would just add:
and ip6[(40+2):2]=80

How to interpret this particular SMTP response by AOL?

Connect to AOL's mail server:
telnet mailin-01.mx.aol.com 25
You receive:
554- (RTR:DU) https://postmaster.aol.com/error-codes#554rtrdu
554 Connecting IP: 82.xxx.xxx.xxx
Connection to host lost.
Interestingly, the line breaks after the first two lines are <CR><CR><LF>. This is not visible in the telnet output. I determined this using a C# program that prints the bytes.
This appears to be invalid SMTP behavior. Is it? How to deal with that when writing an SMTP client?
(I understand the reason for the error code. The question is not about that but about the apparent protocol violation.)

Why does SMTP (and similar protocols) have the QUIT command?

It seems to me that the operation doesn't give any information to any participant. Closing the TCP connection by the client can be detected by the server just as well. And the client doesn't need any kind of acknowledgement after deciding to disconnect from the server and calling QUIT.

Packet is received on TCP level but not able to read

we are using SMPP protocol for sending messages to SMSC.
When SMSC restarted session, client binded it again successfully
But client unable to get/read further pdu like submit_resp, enquire_resp which SMSC has sent.
We have checked tcp dump using wireshark,
it has been found that client receive tcp packet in tcp dump, app not able to read anything,
In app, we have used Logica smpp lib.
we have checked by putting more logs in logica lib, then it is found that Logica lib doesn't get any thing to read from socket.
Please have comment, which can give more detail direction !!
You mentioned that when SMSC restarts,
The client bound again.
The client is not able to read subsequent PDU(s).
Since the question does not give any specific information, I will have to guess what the problem is. I would suggest to check the code for stale com.logica.smpp.Session object(s).