Work


I’m off to San Jose, CA till Thursday to attend the NANOG conference with my boss. Should be a fun trip, my first NANOG and my first time out that far west. If anyone out there wants to try and meet up while I’m out there, drop me an e-mail.

Also, my eee PC is cool. Using it in the terminal to write this.

Recently at work I have been noticing an annoying trend in large provider e-mail installations. Due to the nature of our e-mail forwarding services, we occasionally get blocked by providers such as Comcast and AT&T. This normally isn’t a big deal, but a few months ago Comcast made a change to their mail system, and now when you get blocked it will respond to an open connection with a 554 error and close the connection. AT&T now does something similar, issuing a 550 error and closing the connection. I don’t mind getting blocked so much, but the manner in which they do so violates the SMTP RFCs, and that just gets on my nerves.

The specific RFCs in question are 821 and its proposed successor, 2821. The section in question in both of these documents is 4.3, which specifies what responses can be returned for various commands. 821 specifies that the initial client connection can be answered with a 220, which is normal, or a 421, meaning the service is not available, and the connection will be closed. The 421 can be issued at any time during the conversation, and usually indicates that the server is shutting down and can’t complete what it’s doing. RFC 2821 changed this, allowing the 220 or a 554. AT&T’s response code of 550 is not a valid response in either RFC, so AT&T isn’t following the RFC at all with their reply. Comcast’s reply is technically valid, but I feel it’s being used incorrectly.

There was an interesting thread on the exim-users mailing list on the topic, beginning with Exim’s handling of 554 on connect and expanding into the meaning of the return code. Some people think it means that you are being told you will never be able to deliver the message you are trying to send and should discard it, which is how Exim handles it. Others (including myself) think its intended meaning is to indicate that the server in question cannot take the mail, but the delivery should be attempted at other MX records for the domain, or other A records for the current MX. Keep in mind that the server doesn’t know anything about the message at this point; the client hasn’t had a chance to say EHLO, let alone give sender and recipient information. RFC 2821 states the meaning of 554 on connect to be “No SMTP service here”, which is fairly vague. My opinion is that this indicates that this particular server will not accept mail for any reason, not that the message is undeliverable (unless this is the only A record for the recipient domain’s MX record.) In this case, using 554 on connect to reject mail from a particular server isn’t really helpful. The generally accepted method of rejecting after RCPT commands is probably a better route, since the server may be trying to send to your postmaster address, which you’re obligated to take mail for.

Regardless of the meaning of 554 and the appropriateness of its use as a rejection mechanism against spammers, Comcast and AT&T are also ignoring the RFCs by dropping the connection after issuing their error codes. Here’s the relevant part of RFC 2821:

The SMTP protocol allows a server to formally reject a transaction while still allowing the initial connection as follows: a 554 response MAY be given in the initial connection opening message instead of the 220. A server taking this approach MUST still wait for the client to send a QUIT (see section 4.1.1.10) before closing the connection and SHOULD respond to any intervening commands with “503 bad sequence of commands”. Since an attempt to make an SMTP connection to such a system is probably in error, a server returning a 554 response on connection opening SHOULD provide enough information in the reply text to facilitate debugging of the sending system.

See that “MUST still wait for the client to send a QUIT”? Both Comcast and AT&T don’t follow that. It would be permissible to timeout after that, but the RFC doesn’t allow for simply dropping the connection.
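The behaviour the quoted passage requires, as an added illustration that is not part of the original post: a toy server that answers 554 instead of 220, answers 503 to everything except QUIT, and closes only after the QUIT, plus a client-side classifier of the greeting behaviours discussed above. The reply texts and host names are constructed, and the "try another MX or A record" reading is the post's own opinion, not an RFC requirement.

```python
# Added example (not from the original post): a toy model of the RFC 2821
# "554 on connect" rejection, plus a client-side check that tells a compliant
# rejection apart from one where the server just drops the connection.

class GreetingRejectServer:
    """554 instead of 220; 503 to every command but QUIT; close only after QUIT."""

    def __init__(self, reason="No SMTP service here"):
        self.reason = reason  # reply text should help the sender debug
        self.closed = False

    def greeting(self):
        return f"554 {self.reason}"

    def handle(self, line):
        verb = line.strip().split(" ", 1)[0].upper()
        if verb == "QUIT":
            self.closed = True
            return "221 closing connection"
        # EHLO, MAIL, RCPT, ... all get 503 and the connection stays open.
        return "503 bad sequence of commands"


def run_session(server, commands):
    """Replay client commands; return (side, line) pairs until the server closes."""
    transcript = [("S", server.greeting())]
    for cmd in commands:
        if server.closed:
            break
        transcript.append(("C", cmd))
        transcript.append(("S", server.handle(cmd)))
    return transcript


def classify_greeting(greeting, dropped_before_quit):
    """Client-side reading of the greeting behaviours discussed in the post;
    dropped_before_quit means the server closed without waiting for QUIT."""
    try:
        code = int(greeting[:3])
    except ValueError:
        return "malformed-greeting"
    if code == 220:
        return "accept"
    if code == 421:
        return "service-unavailable"  # RFC 821: try again later
    if code == 554 and not dropped_before_quit:
        return "rfc2821-reject"  # per the post: try another MX or A record
    if code == 554:
        return "554-then-dropped"  # valid code, but the MUST was ignored
    return f"invalid-greeting-{code}"  # e.g. 550 is not a valid greeting
```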

So what to do about this, people? I’m not really sure. It would be nice if large e-mail providers respected the rules put forth by the Internet community, but how do you penalize them if they don’t? The only idea I currently have is to form something similar to the existing rfc-ignorant.org listings, but for general RFC breakers, as opposed to their specific lists. This could then be used to block mail from sites that don’t follow the rules, which if you’re big enough would get their attention, but hurts users by rejecting their e-mail.

As a mixed blessing, the Internet is designed to allow people to do pretty much whatever they want to do with the servers they run, and there’s just no good way to get some sites, especially large company sites, to follow the rules if they don’t want to, unless you deny them access to things they want.

So, made it back from Ashburn yesterday. Crashed last night and slept like 14 hours. Feeling pretty much back to normal now. It was a fun trip, and I’m kind of amazed how smoothly everything got installed. Looking forward to doing Chicago and Palo Alto next month.

In non-work related stuff, I’m hopefully getting my ham radio license on Saturday, just need to get down to Nashua around 9 for the exam session.

So, I’m in Ashburn, VA doing some work in our colo down here. Drove down on Sunday, took a different route to NJ than usual, using I-84 and avoiding I-95 which worked out pretty well and took I-78 out to Harrisburg, PA before turning south on Route 15 to get into VA. Not a bad drive altogether.

We got most of the work done today, just need to finish things up tomorrow and should be on our way home on Wednesday. Wish I could babble about the datacenter, but I’m not sure how much of it is covered by the NDA.

Once again, it’s been a while since I’ve written anything to my blag, but since Hindenburg is up and running again and I just upgraded WordPress, I suppose I should actually write something.

Work is going well, with the next couple of months looking to be pretty busy. I’ll be traveling to Virginia next week to rework our servers there. It’s the first time I’ve been to a datacenter other than Boston, so it should be pretty interesting. Sounds like I’ll also be going to Chicago and San Jose, but I don’t know the details on that quite yet.

On the home front, I’ve got a couple of projects I’ve been working on, a NanoBSD based home router using a MiniITX board I’ve had sitting around for the past couple of years, and I recently purchased an inexpensive Dell system which I plan to use as a Home Theater PC running Ubuntu. I’m planning to rig it up to pull shows off of my TiVo and automatically transcode them into formats suitable for watching from my Treo or iPod. Should be pretty neat once I get it set up and running.

I’ve also been studying to get my amateur radio license. I’ve been taking practice tests on my Treo using EggsHam and am getting to the point of only getting 2 or 3 questions wrong per test. The next testing session in the area is on June 16th, so I’m hoping to go down then, get my license, then head to the MIT Flea on the 17th and maybe find a handheld transceiver.

As usual, it’s been a while since I’ve posted anything. For one reason or another I just don’t seem to feel I have enough going on that the world needs to know about. For some reason I feel like posting a general update at the moment, and so I shall.

My work is going along nicely. The new office space is rather nice, and its network is ticking along quite happily to itself. I’m enjoying the System Administrator position, although it does mean the occasional late night when a server decides to act up. Apparently I’ve been assigned to more of a projects role than a maintenance role, working on improving things and setting up new tools for internal use. In the near future I’ll be rolling out Cacti to replace our MRTG instances, and probably upgrading Nagios. All in all, rather good.

On the home front, we’re looking for a new one. The new landlords at the current location have decided to increase our rent while at the same time taking away our storage space in the basement (claiming it’s a fire hazard, while also saying they’re planning on pouring concrete down there, apparently.) So, Delia and I looked at a few townhouses, one of which we rather liked in Merrimack. Unfortunately, I don’t think my credit is going to be good enough at this time to swing a loan. The combination of lack of credit history and my inconsistent bill payments from last year (from the whole unemployment/PepBoys time period) doesn’t look so great to the banks.

So, it looks like we’ll be renting for a while longer. I’d like to get out of where we are though, and am currently leaning toward a complex in Bedford. While more expensive than the current location, it’s also quite a lot nicer, so I think it’ll be worth it. My plan is to rent for another year or two, keeping better documentation on my bill payments, so that when we go for the buying-a-place option again, I’ll have everything all put together to give to the loan people.

I’ve also been giving some thought to taking a stab at the HTPC project again. I’ve got all the hardware I need, it’s just a matter of throwing it together and making it work. With the recent upgrade to Delia’s PC, I even have my original motherboard and CPU back. I think I’m going to go with an external VGA<->NTSC adapter this time around though, since I wasn’t very pleased with the TV-out support for my chipset under Linux, and I really want to use MythTV. Also not too sure about controlling the new cable box. My old box had a nice RS-232 port on the back which allowed for direct serial control. The new one does not, which means I’ll probably end up having to go with an IR blaster of some sort. We shall see.

I’ve been meaning to write an update for a while, I was originally intending to write it as a New Year’s thing, but I’m a slacker, so yeah…

Anyway, for those of you who don’t know, I am once again employed doing what I’m actually good at. I’m working as an Application Developer for Dynamic Network Services, Inc., right here in sunny Manchester. It’s mostly Perl programming, working on their website and some of the support systems. I’ve been there about a month now, and it’s been great.

I’m still working at PepBoys on Saturdays, though I’m not sure how long I’ll keep doing that. Mostly it’s just because I know they’re low on people and can use the help, and the little extra money helps out.

Other than that, I haven’t really been up to much. I go to a couple D&D games each week, other than that it’s just work and sleep. Delia’s still playing WoW a lot, but I’ve lost most of my interest in it except to kill time from time to time.

That’s about all I can think of at the moment. I could have sworn I had more to write about, but I can’t think of any of it at the moment.
