[
https://issues.apache.org/jira/browse/JAMES-3820?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17620589#comment-17620589
]
ouvtam commented on JAMES-3820:
-------------------------------
Agree.
> DNS Blocklist: implement DNSRBLHandler as MailHook instead of RcptHook
> ----------------------------------------------------------------------
>
> Key: JAMES-3820
> URL: https://issues.apache.org/jira/browse/JAMES-3820
> Project: James Server
> Issue Type: Improvement
> Components: SMTPServer
> Reporter: ouvtam
> Priority: Minor
> Time Spent: 1h 50m
> Remaining Estimate: 0h
>
> At the moment the DNSRBL handler
> (org.apache.james.protocols.smtp.core.fastfail.DNSRBLHandler) is implemented
> as a RcptHook. Thus, for every RCPT TO call this handler will be called and a
> blocklist lookup will be issued.
> One can argue It makes sense to implement the handler as a ConnectHandler, so
> the blocklist check is done as early as possible. However, if SMTP AUTH is
> successful then we should allow the connecting client anyway.
> Therefore it makes sense to implement the DNSRBL handler at MAIL FROM stage
> that is MailHook. One exception is the following. According to [RFC
> 4954|https://datatracker.ietf.org/doc/html/rfc4954#section-5], authentication
> information can optionally provided as ESMTP AUTH parameter with a _single_
> value in the '{{{}MAIL FROM:{}}}' command.
>
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
