rfc2821.txt 188KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246324732483249325032513252325332543255325632573258325932603261326232633264326532663267326832693270327132723273327432753276327732783279328032813282328332843285328632873288328932903291329232933294329532963297329832993300330133023303330433053306330733083309331033113312331333143315331633173318331933203321332233233324332533263327332833293330333133323333333433353336333733383339334033413342334333443345334633473348334933503351335233533354335533563357335833593360336133623363336433653366336733683369337033713372337333743375337633773378337933803381338233833384338533863387338833893390339133923393339433953396339733983399340034013402340334043405340634073408340934103411341234133414341534163417341834193420342134223423342434253426342734283429343034313432343334343435343634373438343934403441344234433444344534463447344834493450345134523453345434553456345734583459346034613462346334643465346634673468346934703471347234733474347534763477347834793480348134823483348434853486348734883489349034913492349334943495349634973498349935003501350235033504350535063507350835093510351135123513351435153516351735183519352035213522352335243525352635273528352935303531353235333534353535363537353835393540354135423543354435453546354735483549355035513552355335543555355635573558355935603561356235633564356535663567356835693570357135723573357435753576357735783579358035813582358335843585358635873588358935903591359235933594359535963597359835993600360136023603360436053606360736083609361036113612361336143615361636173618361936203621362236233624362536263627362836293630363136323633363436353636363736383639364036413642364336443645364636473648364936503651365236533654365536563657365836593660366136623663366436653666366736683669367036713672367336743675367636773678367936803681368236833684368536863687368836893690369136923693369436953696369736983699370037013702370337043705370637073708370937103711371237133714371537163717371837193720372137223723372437253726372737283729373037313732373337343735373637373738373937403741374237433744374537463747374837493750375137523753375437553756375737583759376037613762376337643765376637673768376937703771377237733774377537763777377837793780378137823783378437853786378737883789379037913792379337943795379637973798379938003801380238033804380538063807380838093810381138123813381438153816381738183819382038213822382338243825382638273828382938303831383238333834383538363837383838393840384138423843384438453846384738483849385038513852385338543855385638573858385938603861386238633864386538663867386838693870387138723873387438753876387738783879388038813882388338843885388638873888388938903891389238933894389538963897389838993900390139023903390439053906390739083909391039113912391339143915391639173918391939203921392239233924392539263927392839293930393139323933393439353936393739383939394039413942394339443945394639473948394939503951395239533954395539563957395839593960396139623963396439653966396739683969397039713972397339743975397639773978397939803981398239833984398539863987398839893990399139923993399439953996399739983999400040014002400340044005400640074008400940104011401240134014401540164017401840194020402140224023402440254026402740284029403040314032403340344035403640374038403940404041404240434044404540464047404840494050405140524053405440554056405740584059406040614062406340644065406640674068406940704071407240734074407540764077407840794080408140824083408440854086408740884089409040914092409340944095409640974098409941004101410241034104410541064107410841094110411141124113411441154116411741184119412041214122412341244125412641274128412941304131413241334134413541364137413841394140414141424143414441454146414741484149415041514152415341544155415641574158415941604161416241634164416541664167416841694170417141724173417441754176417741784179418041814182418341844185418641874188418941904191419241934194419541964197419841994200420142024203420442054206420742084209421042114212421342144215421642174218421942204221422242234224422542264227422842294230423142324233423442354236423742384239424042414242424342444245424642474248424942504251425242534254425542564257425842594260426142624263426442654266426742684269427042714272427342744275427642774278427942804281428242834284428542864287428842894290429142924293429442954296429742984299430043014302430343044305430643074308430943104311431243134314431543164317431843194320432143224323432443254326432743284329433043314332433343344335433643374338433943404341434243434344434543464347434843494350435143524353435443554356435743584359436043614362436343644365436643674368436943704371437243734374437543764377437843794380438143824383438443854386438743884389439043914392439343944395439643974398439944004401440244034404440544064407440844094410441144124413441444154416441744184419442044214422442344244425442644274428
  1. Network Working Group J. Klensin, Editor
  2. Request for Comments: 2821 AT&T Laboratories
  3. Obsoletes: 821, 974, 1869 April 2001
  4. Updates: 1123
  5. Category: Standards Track
  6. Simple Mail Transfer Protocol
  7. Status of this Memo
  8. This document specifies an Internet standards track protocol for the
  9. Internet community, and requests discussion and suggestions for
  10. improvements. Please refer to the current edition of the "Internet
  11. Official Protocol Standards" (STD 1) for the standardization state
  12. and status of this protocol. Distribution of this memo is unlimited.
  13. Copyright Notice
  14. Copyright (C) The Internet Society (2001). All Rights Reserved.
  15. Abstract
  16. This document is a self-contained specification of the basic protocol
  17. for the Internet electronic mail transport. It consolidates, updates
  18. and clarifies, but doesn't add new or change existing functionality
  19. of the following:
  20. - the original SMTP (Simple Mail Transfer Protocol) specification of
  21. RFC 821 [30],
  22. - domain name system requirements and implications for mail
  23. transport from RFC 1035 [22] and RFC 974 [27],
  24. - the clarifications and applicability statements in RFC 1123 [2],
  25. and
  26. - material drawn from the SMTP Extension mechanisms [19].
  27. It obsoletes RFC 821, RFC 974, and updates RFC 1123 (replaces the
  28. mail transport materials of RFC 1123). However, RFC 821 specifies
  29. some features that were not in significant use in the Internet by the
  30. mid-1990s and (in appendices) some additional transport models.
  31. Those sections are omitted here in the interest of clarity and
  32. brevity; readers needing them should refer to RFC 821.
  33. Klensin Standards Track [Page 1]
  34. RFC 2821 Simple Mail Transfer Protocol April 2001
  35. It also includes some additional material from RFC 1123 that required
  36. amplification. This material has been identified in multiple ways,
  37. mostly by tracking flaming on various lists and newsgroups and
  38. problems of unusual readings or interpretations that have appeared as
  39. the SMTP extensions have been deployed. Where this specification
  40. moves beyond consolidation and actually differs from earlier
  41. documents, it supersedes them technically as well as textually.
  42. Although SMTP was designed as a mail transport and delivery protocol,
  43. this specification also contains information that is important to its
  44. use as a 'mail submission' protocol, as recommended for POP [3, 26]
  45. and IMAP [6]. Additional submission issues are discussed in RFC 2476
  46. [15].
  47. Section 2.3 provides definitions of terms specific to this document.
  48. Except when the historical terminology is necessary for clarity, this
  49. document uses the current 'client' and 'server' terminology to
  50. identify the sending and receiving SMTP processes, respectively.
  51. A companion document [32] discusses message headers, message bodies
  52. and formats and structures for them, and their relationship.
  53. Table of Contents
  54. 1. Introduction .................................................. 4
  55. 2. The SMTP Model ................................................ 5
  56. 2.1 Basic Structure .............................................. 5
  57. 2.2 The Extension Model .......................................... 7
  58. 2.2.1 Background ................................................. 7
  59. 2.2.2 Definition and Registration of Extensions .................. 8
  60. 2.3 Terminology .................................................. 9
  61. 2.3.1 Mail Objects ............................................... 10
  62. 2.3.2 Senders and Receivers ...................................... 10
  63. 2.3.3 Mail Agents and Message Stores ............................. 10
  64. 2.3.4 Host ....................................................... 11
  65. 2.3.5 Domain ..................................................... 11
  66. 2.3.6 Buffer and State Table ..................................... 11
  67. 2.3.7 Lines ...................................................... 12
  68. 2.3.8 Originator, Delivery, Relay, and Gateway Systems ........... 12
  69. 2.3.9 Message Content and Mail Data .............................. 13
  70. 2.3.10 Mailbox and Address ....................................... 13
  71. 2.3.11 Reply ..................................................... 13
  72. 2.4 General Syntax Principles and Transaction Model .............. 13
  73. 3. The SMTP Procedures: An Overview .............................. 15
  74. 3.1 Session Initiation ........................................... 15
  75. 3.2 Client Initiation ............................................ 16
  76. 3.3 Mail Transactions ............................................ 16
  77. 3.4 Forwarding for Address Correction or Updating ................ 19
  78. Klensin Standards Track [Page 2]
  79. RFC 2821 Simple Mail Transfer Protocol April 2001
  80. 3.5 Commands for Debugging Addresses ............................. 20
  81. 3.5.1 Overview ................................................... 20
  82. 3.5.2 VRFY Normal Response ....................................... 22
  83. 3.5.3 Meaning of VRFY or EXPN Success Response ................... 22
  84. 3.5.4 Semantics and Applications of EXPN ......................... 23
  85. 3.6 Domains ...................................................... 23
  86. 3.7 Relaying ..................................................... 24
  87. 3.8 Mail Gatewaying .............................................. 25
  88. 3.8.1 Header Fields in Gatewaying ................................ 26
  89. 3.8.2 Received Lines in Gatewaying ............................... 26
  90. 3.8.3 Addresses in Gatewaying .................................... 26
  91. 3.8.4 Other Header Fields in Gatewaying .......................... 27
  92. 3.8.5 Envelopes in Gatewaying .................................... 27
  93. 3.9 Terminating Sessions and Connections ......................... 27
  94. 3.10 Mailing Lists and Aliases ................................... 28
  95. 3.10.1 Alias ..................................................... 28
  96. 3.10.2 List ...................................................... 28
  97. 4. The SMTP Specifications ....................................... 29
  98. 4.1 SMTP Commands ................................................ 29
  99. 4.1.1 Command Semantics and Syntax ............................... 29
  100. 4.1.1.1 Extended HELLO (EHLO) or HELLO (HELO) ................... 29
  101. 4.1.1.2 MAIL (MAIL) .............................................. 31
  102. 4.1.1.3 RECIPIENT (RCPT) ......................................... 31
  103. 4.1.1.4 DATA (DATA) .............................................. 33
  104. 4.1.1.5 RESET (RSET) ............................................. 34
  105. 4.1.1.6 VERIFY (VRFY) ............................................ 35
  106. 4.1.1.7 EXPAND (EXPN) ............................................ 35
  107. 4.1.1.8 HELP (HELP) .............................................. 35
  108. 4.1.1.9 NOOP (NOOP) .............................................. 35
  109. 4.1.1.10 QUIT (QUIT) ............................................. 36
  110. 4.1.2 Command Argument Syntax .................................... 36
  111. 4.1.3 Address Literals ........................................... 38
  112. 4.1.4 Order of Commands .......................................... 39
  113. 4.1.5 Private-use Commands ....................................... 40
  114. 4.2 SMTP Replies ................................................ 40
  115. 4.2.1 Reply Code Severities and Theory ........................... 42
  116. 4.2.2 Reply Codes by Function Groups ............................. 44
  117. 4.2.3 Reply Codes in Numeric Order .............................. 45
  118. 4.2.4 Reply Code 502 ............................................. 46
  119. 4.2.5 Reply Codes After DATA and the Subsequent <CRLF>.<CRLF> .... 46
  120. 4.3 Sequencing of Commands and Replies ........................... 47
  121. 4.3.1 Sequencing Overview ........................................ 47
  122. 4.3.2 Command-Reply Sequences .................................... 48
  123. 4.4 Trace Information ............................................ 49
  124. 4.5 Additional Implementation Issues ............................. 53
  125. 4.5.1 Minimum Implementation ..................................... 53
  126. 4.5.2 Transparency ............................................... 53
  127. 4.5.3 Sizes and Timeouts ......................................... 54
  128. Klensin Standards Track [Page 3]
  129. RFC 2821 Simple Mail Transfer Protocol April 2001
  130. 4.5.3.1 Size limits and minimums ................................. 54
  131. 4.5.3.2 Timeouts ................................................. 56
  132. 4.5.4 Retry Strategies ........................................... 57
  133. 4.5.4.1 Sending Strategy ......................................... 58
  134. 4.5.4.2 Receiving Strategy ....................................... 59
  135. 4.5.5 Messages with a null reverse-path .......................... 59
  136. 5. Address Resolution and Mail Handling .......................... 60
  137. 6. Problem Detection and Handling ................................ 62
  138. 6.1 Reliable Delivery and Replies by Email ....................... 62
  139. 6.2 Loop Detection ............................................... 63
  140. 6.3 Compensating for Irregularities .............................. 63
  141. 7. Security Considerations ....................................... 64
  142. 7.1 Mail Security and Spoofing ................................... 64
  143. 7.2 "Blind" Copies ............................................... 65
  144. 7.3 VRFY, EXPN, and Security ..................................... 65
  145. 7.4 Information Disclosure in Announcements ...................... 66
  146. 7.5 Information Disclosure in Trace Fields ....................... 66
  147. 7.6 Information Disclosure in Message Forwarding ................. 67
  148. 7.7 Scope of Operation of SMTP Servers ........................... 67
  149. 8. IANA Considerations ........................................... 67
  150. 9. References .................................................... 68
  151. 10. Editor's Address ............................................. 70
  152. 11. Acknowledgments .............................................. 70
  153. Appendices ....................................................... 71
  154. A. TCP Transport Service ......................................... 71
  155. B. Generating SMTP Commands from RFC 822 Headers ................. 71
  156. C. Source Routes ................................................. 72
  157. D. Scenarios ..................................................... 73
  158. E. Other Gateway Issues .......................................... 76
  159. F. Deprecated Features of RFC 821 ................................ 76
  160. Full Copyright Statement ......................................... 79
  161. 1. Introduction
  162. The objective of the Simple Mail Transfer Protocol (SMTP) is to
  163. transfer mail reliably and efficiently.
  164. SMTP is independent of the particular transmission subsystem and
  165. requires only a reliable ordered data stream channel. While this
  166. document specifically discusses transport over TCP, other transports
  167. are possible. Appendices to RFC 821 describe some of them.
  168. An important feature of SMTP is its capability to transport mail
  169. across networks, usually referred to as "SMTP mail relaying" (see
  170. section 3.8). A network consists of the mutually-TCP-accessible
  171. hosts on the public Internet, the mutually-TCP-accessible hosts on a
  172. firewall-isolated TCP/IP Intranet, or hosts in some other LAN or WAN
  173. environment utilizing a non-TCP transport-level protocol. Using
  174. Klensin Standards Track [Page 4]
  175. RFC 2821 Simple Mail Transfer Protocol April 2001
  176. SMTP, a process can transfer mail to another process on the same
  177. network or to some other network via a relay or gateway process
  178. accessible to both networks.
  179. In this way, a mail message may pass through a number of intermediate
  180. relay or gateway hosts on its path from sender to ultimate recipient.
  181. The Mail eXchanger mechanisms of the domain name system [22, 27] (and
  182. section 5 of this document) are used to identify the appropriate
  183. next-hop destination for a message being transported.
  184. 2. The SMTP Model
  185. 2.1 Basic Structure
  186. The SMTP design can be pictured as:
  187. +----------+ +----------+
  188. +------+ | | | |
  189. | User |<-->| | SMTP | |
  190. +------+ | Client- |Commands/Replies| Server- |
  191. +------+ | SMTP |<-------------->| SMTP | +------+
  192. | File |<-->| | and Mail | |<-->| File |
  193. |System| | | | | |System|
  194. +------+ +----------+ +----------+ +------+
  195. SMTP client SMTP server
  196. When an SMTP client has a message to transmit, it establishes a two-
  197. way transmission channel to an SMTP server. The responsibility of an
  198. SMTP client is to transfer mail messages to one or more SMTP servers,
  199. or report its failure to do so.
  200. The means by which a mail message is presented to an SMTP client, and
  201. how that client determines the domain name(s) to which mail messages
  202. are to be transferred is a local matter, and is not addressed by this
  203. document. In some cases, the domain name(s) transferred to, or
  204. determined by, an SMTP client will identify the final destination(s)
  205. of the mail message. In other cases, common with SMTP clients
  206. associated with implementations of the POP [3, 26] or IMAP [6]
  207. protocols, or when the SMTP client is inside an isolated transport
  208. service environment, the domain name determined will identify an
  209. intermediate destination through which all mail messages are to be
  210. relayed. SMTP clients that transfer all traffic, regardless of the
  211. target domain names associated with the individual messages, or that
  212. do not maintain queues for retrying message transmissions that
  213. initially cannot be completed, may otherwise conform to this
  214. specification but are not considered fully-capable. Fully-capable
  215. SMTP implementations, including the relays used by these less capable
  216. Klensin Standards Track [Page 5]
  217. RFC 2821 Simple Mail Transfer Protocol April 2001
  218. ones, and their destinations, are expected to support all of the
  219. queuing, retrying, and alternate address functions discussed in this
  220. specification.
  221. The means by which an SMTP client, once it has determined a target
  222. domain name, determines the identity of an SMTP server to which a
  223. copy of a message is to be transferred, and then performs that
  224. transfer, is covered by this document. To effect a mail transfer to
  225. an SMTP server, an SMTP client establishes a two-way transmission
  226. channel to that SMTP server. An SMTP client determines the address
  227. of an appropriate host running an SMTP server by resolving a
  228. destination domain name to either an intermediate Mail eXchanger host
  229. or a final target host.
  230. An SMTP server may be either the ultimate destination or an
  231. intermediate "relay" (that is, it may assume the role of an SMTP
  232. client after receiving the message) or "gateway" (that is, it may
  233. transport the message further using some protocol other than SMTP).
  234. SMTP commands are generated by the SMTP client and sent to the SMTP
  235. server. SMTP replies are sent from the SMTP server to the SMTP
  236. client in response to the commands.
  237. In other words, message transfer can occur in a single connection
  238. between the original SMTP-sender and the final SMTP-recipient, or can
  239. occur in a series of hops through intermediary systems. In either
  240. case, a formal handoff of responsibility for the message occurs: the
  241. protocol requires that a server accept responsibility for either
  242. delivering a message or properly reporting the failure to do so.
  243. Once the transmission channel is established and initial handshaking
  244. completed, the SMTP client normally initiates a mail transaction.
  245. Such a transaction consists of a series of commands to specify the
  246. originator and destination of the mail and transmission of the
  247. message content (including any headers or other structure) itself.
  248. When the same message is sent to multiple recipients, this protocol
  249. encourages the transmission of only one copy of the data for all
  250. recipients at the same destination (or intermediate relay) host.
  251. The server responds to each command with a reply; replies may
  252. indicate that the command was accepted, that additional commands are
  253. expected, or that a temporary or permanent error condition exists.
  254. Commands specifying the sender or recipients may include server-
  255. permitted SMTP service extension requests as discussed in section
  256. 2.2. The dialog is purposely lock-step, one-at-a-time, although this
  257. can be modified by mutually-agreed extension requests such as command
  258. pipelining [13].
  259. Klensin Standards Track [Page 6]
  260. RFC 2821 Simple Mail Transfer Protocol April 2001
  261. Once a given mail message has been transmitted, the client may either
  262. request that the connection be shut down or may initiate other mail
  263. transactions. In addition, an SMTP client may use a connection to an
  264. SMTP server for ancillary services such as verification of email
  265. addresses or retrieval of mailing list subscriber addresses.
  266. As suggested above, this protocol provides mechanisms for the
  267. transmission of mail. This transmission normally occurs directly
  268. from the sending user's host to the receiving user's host when the
  269. two hosts are connected to the same transport service. When they are
  270. not connected to the same transport service, transmission occurs via
  271. one or more relay SMTP servers. An intermediate host that acts as
  272. either an SMTP relay or as a gateway into some other transmission
  273. environment is usually selected through the use of the domain name
  274. service (DNS) Mail eXchanger mechanism.
  275. Usually, intermediate hosts are determined via the DNS MX record, not
  276. by explicit "source" routing (see section 5 and appendices C and
  277. F.2).
  278. 2.2 The Extension Model
  279. 2.2.1 Background
  280. In an effort that started in 1990, approximately a decade after RFC
  281. 821 was completed, the protocol was modified with a "service
  282. extensions" model that permits the client and server to agree to
  283. utilize shared functionality beyond the original SMTP requirements.
  284. The SMTP extension mechanism defines a means whereby an extended SMTP
  285. client and server may recognize each other, and the server can inform
  286. the client as to the service extensions that it supports.
  287. Contemporary SMTP implementations MUST support the basic extension
  288. mechanisms. For instance, servers MUST support the EHLO command even
  289. if they do not implement any specific extensions and clients SHOULD
  290. preferentially utilize EHLO rather than HELO. (However, for
  291. compatibility with older conforming implementations, SMTP clients and
  292. servers MUST support the original HELO mechanisms as a fallback.)
  293. Unless the different characteristics of HELO must be identified for
  294. interoperability purposes, this document discusses only EHLO.
  295. SMTP is widely deployed and high-quality implementations have proven
  296. to be very robust. However, the Internet community now considers
  297. some services to be important that were not anticipated when the
  298. protocol was first designed. If support for those services is to be
  299. added, it must be done in a way that permits older implementations to
  300. continue working acceptably. The extension framework consists of:
  301. Klensin Standards Track [Page 7]
  302. RFC 2821 Simple Mail Transfer Protocol April 2001
  303. - The SMTP command EHLO, superseding the earlier HELO,
  304. - a registry of SMTP service extensions,
  305. - additional parameters to the SMTP MAIL and RCPT commands, and
  306. - optional replacements for commands defined in this protocol, such
  307. as for DATA in non-ASCII transmissions [33].
  308. SMTP's strength comes primarily from its simplicity. Experience with
  309. many protocols has shown that protocols with few options tend towards
  310. ubiquity, whereas protocols with many options tend towards obscurity.
  311. Each and every extension, regardless of its benefits, must be
  312. carefully scrutinized with respect to its implementation, deployment,
  313. and interoperability costs. In many cases, the cost of extending the
  314. SMTP service will likely outweigh the benefit.
  315. 2.2.2 Definition and Registration of Extensions
  316. The IANA maintains a registry of SMTP service extensions. A
  317. corresponding EHLO keyword value is associated with each extension.
  318. Each service extension registered with the IANA must be defined in a
  319. formal standards-track or IESG-approved experimental protocol
  320. document. The definition must include:
  321. - the textual name of the SMTP service extension;
  322. - the EHLO keyword value associated with the extension;
  323. - the syntax and possible values of parameters associated with the
  324. EHLO keyword value;
  325. - any additional SMTP verbs associated with the extension
  326. (additional verbs will usually be, but are not required to be, the
  327. same as the EHLO keyword value);
  328. - any new parameters the extension associates with the MAIL or RCPT
  329. verbs;
  330. - a description of how support for the extension affects the
  331. behavior of a server and client SMTP; and,
  332. - the increment by which the extension is increasing the maximum
  333. length of the commands MAIL and/or RCPT, over that specified in
  334. this standard.
  335. Klensin Standards Track [Page 8]
  336. RFC 2821 Simple Mail Transfer Protocol April 2001
  337. In addition, any EHLO keyword value starting with an upper or lower
  338. case "X" refers to a local SMTP service extension used exclusively
  339. through bilateral agreement. Keywords beginning with "X" MUST NOT be
  340. used in a registered service extension. Conversely, keyword values
  341. presented in the EHLO response that do not begin with "X" MUST
  342. correspond to a standard, standards-track, or IESG-approved
  343. experimental SMTP service extension registered with IANA. A
  344. conforming server MUST NOT offer non-"X"-prefixed keyword values that
  345. are not described in a registered extension.
  346. Additional verbs and parameter names are bound by the same rules as
  347. EHLO keywords; specifically, verbs beginning with "X" are local
  348. extensions that may not be registered or standardized. Conversely,
  349. verbs not beginning with "X" must always be registered.
  350. 2.3 Terminology
  351. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
  352. "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
  353. document are to be interpreted as described below.
  354. 1. MUST This word, or the terms "REQUIRED" or "SHALL", mean that
  355. the definition is an absolute requirement of the specification.
  356. 2. MUST NOT This phrase, or the phrase "SHALL NOT", mean that the
  357. definition is an absolute prohibition of the specification.
  358. 3. SHOULD This word, or the adjective "RECOMMENDED", mean that
  359. there may exist valid reasons in particular circumstances to
  360. ignore a particular item, but the full implications must be
  361. understood and carefully weighed before choosing a different
  362. course.
  363. 4. SHOULD NOT This phrase, or the phrase "NOT RECOMMENDED" mean
  364. that there may exist valid reasons in particular circumstances
  365. when the particular behavior is acceptable or even useful, but the
  366. full implications should be understood and the case carefully
  367. weighed before implementing any behavior described with this
  368. label.
  369. 5. MAY This word, or the adjective "OPTIONAL", mean that an item is
  370. truly optional. One vendor may choose to include the item because
  371. a particular marketplace requires it or because the vendor feels
  372. that it enhances the product while another vendor may omit the
  373. same item. An implementation which does not include a particular
  374. option MUST be prepared to interoperate with another
  375. implementation which does include the option, though perhaps with
  376. reduced functionality. In the same vein an implementation which
  377. Klensin Standards Track [Page 9]
  378. RFC 2821 Simple Mail Transfer Protocol April 2001
  379. does include a particular option MUST be prepared to interoperate
  380. with another implementation which does not include the option
  381. (except, of course, for the feature the option provides.)
  382. 2.3.1 Mail Objects
  383. SMTP transports a mail object. A mail object contains an envelope
  384. and content.
  385. The SMTP envelope is sent as a series of SMTP protocol units
  386. (described in section 3). It consists of an originator address (to
  387. which error reports should be directed); one or more recipient
  388. addresses; and optional protocol extension material. Historically,
  389. variations on the recipient address specification command (RCPT TO)
  390. could be used to specify alternate delivery modes, such as immediate
  391. display; those variations have now been deprecated (see appendix F,
  392. section F.6).
  393. The SMTP content is sent in the SMTP DATA protocol unit and has two
  394. parts: the headers and the body. If the content conforms to other
  395. contemporary standards, the headers form a collection of field/value
  396. pairs structured as in the message format specification [32]; the
  397. body, if structured, is defined according to MIME [12]. The content
  398. is textual in nature, expressed using the US-ASCII repertoire [1].
  399. Although SMTP extensions (such as "8BITMIME" [20]) may relax this
  400. restriction for the content body, the content headers are always
  401. encoded using the US-ASCII repertoire. A MIME extension [23] defines
  402. an algorithm for representing header values outside the US-ASCII
  403. repertoire, while still encoding them using the US-ASCII repertoire.
  404. 2.3.2 Senders and Receivers
  405. In RFC 821, the two hosts participating in an SMTP transaction were
  406. described as the "SMTP-sender" and "SMTP-receiver". This document
  407. has been changed to reflect current industry terminology and hence
  408. refers to them as the "SMTP client" (or sometimes just "the client")
  409. and "SMTP server" (or just "the server"), respectively. Since a
  410. given host may act both as server and client in a relay situation,
  411. "receiver" and "sender" terminology is still used where needed for
  412. clarity.
  413. 2.3.3 Mail Agents and Message Stores
  414. Additional mail system terminology became common after RFC 821 was
  415. published and, where convenient, is used in this specification. In
  416. particular, SMTP servers and clients provide a mail transport service
  417. and therefore act as "Mail Transfer Agents" (MTAs). "Mail User
  418. Agents" (MUAs or UAs) are normally thought of as the sources and
  419. Klensin Standards Track [Page 10]
  420. RFC 2821 Simple Mail Transfer Protocol April 2001
  421. targets of mail. At the source, an MUA might collect mail to be
  422. transmitted from a user and hand it off to an MTA; the final
  423. ("delivery") MTA would be thought of as handing the mail off to an
  424. MUA (or at least transferring responsibility to it, e.g., by
  425. depositing the message in a "message store"). However, while these
  426. terms are used with at least the appearance of great precision in
  427. other environments, the implied boundaries between MUAs and MTAs
  428. often do not accurately match common, and conforming, practices with
  429. Internet mail. Hence, the reader should be cautious about inferring
  430. the strong relationships and responsibilities that might be implied
  431. if these terms were used elsewhere.
  432. 2.3.4 Host
  433. For the purposes of this specification, a host is a computer system
  434. attached to the Internet (or, in some cases, to a private TCP/IP
  435. network) and supporting the SMTP protocol. Hosts are known by names
  436. (see "domain"); identifying them by numerical address is discouraged.
  437. 2.3.5 Domain
  438. A domain (or domain name) consists of one or more dot-separated
  439. components. These components ("labels" in DNS terminology [22]) are
  440. restricted for SMTP purposes to consist of a sequence of letters,
  441. digits, and hyphens drawn from the ASCII character set [1]. Domain
  442. names are used as names of hosts and of other entities in the domain
  443. name hierarchy. For example, a domain may refer to an alias (label
  444. of a CNAME RR) or the label of Mail eXchanger records to be used to
  445. deliver mail instead of representing a host name. See [22] and
  446. section 5 of this specification.
  447. The domain name, as described in this document and in [22], is the
  448. entire, fully-qualified name (often referred to as an "FQDN"). A
  449. domain name that is not in FQDN form is no more than a local alias.
  450. Local aliases MUST NOT appear in any SMTP transaction.
  451. 2.3.6 Buffer and State Table
  452. SMTP sessions are stateful, with both parties carefully maintaining a
  453. common view of the current state. In this document we model this
  454. state by a virtual "buffer" and a "state table" on the server which
  455. may be used by the client to, for example, "clear the buffer" or
  456. "reset the state table," causing the information in the buffer to be
  457. discarded and the state to be returned to some previous state.
  458. Klensin Standards Track [Page 11]
  459. RFC 2821 Simple Mail Transfer Protocol April 2001
  460. 2.3.7 Lines
  461. SMTP commands and, unless altered by a service extension, message
  462. data, are transmitted in "lines". Lines consist of zero or more data
  463. characters terminated by the sequence ASCII character "CR" (hex value
  464. 0D) followed immediately by ASCII character "LF" (hex value 0A).
  465. This termination sequence is denoted as <CRLF> in this document.
  466. Conforming implementations MUST NOT recognize or generate any other
  467. character or character sequence as a line terminator. Limits MAY be
  468. imposed on line lengths by servers (see section 4.5.3).
  469. In addition, the appearance of "bare" "CR" or "LF" characters in text
  470. (i.e., either without the other) has a long history of causing
  471. problems in mail implementations and applications that use the mail
  472. system as a tool. SMTP client implementations MUST NOT transmit
  473. these characters except when they are intended as line terminators
  474. and then MUST, as indicated above, transmit them only as a <CRLF>
  475. sequence.
  476. 2.3.8 Originator, Delivery, Relay, and Gateway Systems
  477. This specification makes a distinction among four types of SMTP
  478. systems, based on the role those systems play in transmitting
  479. electronic mail. An "originating" system (sometimes called an SMTP
  480. originator) introduces mail into the Internet or, more generally,
  481. into a transport service environment. A "delivery" SMTP system is
  482. one that receives mail from a transport service environment and
  483. passes it to a mail user agent or deposits it in a message store
  484. which a mail user agent is expected to subsequently access. A
  485. "relay" SMTP system (usually referred to just as a "relay") receives
  486. mail from an SMTP client and transmits it, without modification to
  487. the message data other than adding trace information, to another SMTP
  488. server for further relaying or for delivery.
  489. A "gateway" SMTP system (usually referred to just as a "gateway")
  490. receives mail from a client system in one transport environment and
  491. transmits it to a server system in another transport environment.
  492. Differences in protocols or message semantics between the transport
  493. environments on either side of a gateway may require that the gateway
  494. system perform transformations to the message that are not permitted
  495. to SMTP relay systems. For the purposes of this specification,
  496. firewalls that rewrite addresses should be considered as gateways,
  497. even if SMTP is used on both sides of them (see [11]).
  498. Klensin Standards Track [Page 12]
  499. RFC 2821 Simple Mail Transfer Protocol April 2001
  500. 2.3.9 Message Content and Mail Data
  501. The terms "message content" and "mail data" are used interchangeably
  502. in this document to describe the material transmitted after the DATA
  503. command is accepted and before the end of data indication is
  504. transmitted. Message content includes message headers and the
  505. possibly-structured message body. The MIME specification [12]
  506. provides the standard mechanisms for structured message bodies.
  507. 2.3.10 Mailbox and Address
  508. As used in this specification, an "address" is a character string
  509. that identifies a user to whom mail will be sent or a location into
  510. which mail will be deposited. The term "mailbox" refers to that
  511. depository. The two terms are typically used interchangeably unless
  512. the distinction between the location in which mail is placed (the
  513. mailbox) and a reference to it (the address) is important. An
  514. address normally consists of user and domain specifications. The
  515. standard mailbox naming convention is defined to be "local-
  516. part@domain": contemporary usage permits a much broader set of
  517. applications than simple "user names". Consequently, and due to a
  518. long history of problems when intermediate hosts have attempted to
  519. optimize transport by modifying them, the local-part MUST be
  520. interpreted and assigned semantics only by the host specified in the
  521. domain part of the address.
  522. 2.3.11 Reply
  523. An SMTP reply is an acknowledgment (positive or negative) sent from
  524. receiver to sender via the transmission channel in response to a
  525. command. The general form of a reply is a numeric completion code
  526. (indicating failure or success) usually followed by a text string.
  527. The codes are for use by programs and the text is usually intended
  528. for human users. Recent work [34] has specified further structuring
  529. of the reply strings, including the use of supplemental and more
  530. specific completion codes.
  531. 2.4 General Syntax Principles and Transaction Model
  532. SMTP commands and replies have a rigid syntax. All commands begin
  533. with a command verb. All Replies begin with a three digit numeric
  534. code. In some commands and replies, arguments MUST follow the verb
  535. or reply code. Some commands do not accept arguments (after the
  536. verb), and some reply codes are followed, sometimes optionally, by
  537. free form text. In both cases, where text appears, it is separated
  538. from the verb or reply code by a space character. Complete
  539. definitions of commands and replies appear in section 4.
  540. Klensin Standards Track [Page 13]
  541. RFC 2821 Simple Mail Transfer Protocol April 2001
  542. Verbs and argument values (e.g., "TO:" or "to:" in the RCPT command
  543. and extension name keywords) are not case sensitive, with the sole
  544. exception in this specification of a mailbox local-part (SMTP
  545. Extensions may explicitly specify case-sensitive elements). That is,
  546. a command verb, an argument value other than a mailbox local-part,
  547. and free form text MAY be encoded in upper case, lower case, or any
  548. mixture of upper and lower case with no impact on its meaning. This
  549. is NOT true of a mailbox local-part. The local-part of a mailbox
  550. MUST BE treated as case sensitive. Therefore, SMTP implementations
  551. MUST take care to preserve the case of mailbox local-parts. Mailbox
  552. domains are not case sensitive. In particular, for some hosts the
  553. user "smith" is different from the user "Smith". However, exploiting
  554. the case sensitivity of mailbox local-parts impedes interoperability
  555. and is discouraged.
  556. A few SMTP servers, in violation of this specification (and RFC 821)
  557. require that command verbs be encoded by clients in upper case.
  558. Implementations MAY wish to employ this encoding to accommodate those
  559. servers.
  560. The argument field consists of a variable length character string
  561. ending with the end of the line, i.e., with the character sequence
  562. <CRLF>. The receiver will take no action until this sequence is
  563. received.
  564. The syntax for each command is shown with the discussion of that
  565. command. Common elements and parameters are shown in section 4.1.2.
  566. Commands and replies are composed of characters from the ASCII
  567. character set [1]. When the transport service provides an 8-bit byte
  568. (octet) transmission channel, each 7-bit character is transmitted
  569. right justified in an octet with the high order bit cleared to zero.
  570. More specifically, the unextended SMTP service provides seven bit
  571. transport only. An originating SMTP client which has not
  572. successfully negotiated an appropriate extension with a particular
  573. server MUST NOT transmit messages with information in the high-order
  574. bit of octets. If such messages are transmitted in violation of this
  575. rule, receiving SMTP servers MAY clear the high-order bit or reject
  576. the message as invalid. In general, a relay SMTP SHOULD assume that
  577. the message content it has received is valid and, assuming that the
  578. envelope permits doing so, relay it without inspecting that content.
  579. Of course, if the content is mislabeled and the data path cannot
  580. accept the actual content, this may result in ultimate delivery of a
  581. severely garbled message to the recipient. Delivery SMTP systems MAY
  582. reject ("bounce") such messages rather than deliver them. No sending
  583. SMTP system is permitted to send envelope commands in any character
  584. Klensin Standards Track [Page 14]
  585. RFC 2821 Simple Mail Transfer Protocol April 2001
  586. set other than US-ASCII; receiving systems SHOULD reject such
  587. commands, normally using "500 syntax error - invalid character"
  588. replies.
  589. Eight-bit message content transmission MAY be requested of the server
  590. by a client using extended SMTP facilities, notably the "8BITMIME"
  591. extension [20]. 8BITMIME SHOULD be supported by SMTP servers.
  592. However, it MUST not be construed as authorization to transmit
  593. unrestricted eight bit material. 8BITMIME MUST NOT be requested by
  594. senders for material with the high bit on that is not in MIME format
  595. with an appropriate content-transfer encoding; servers MAY reject
  596. such messages.
  597. The metalinguistic notation used in this document corresponds to the
  598. "Augmented BNF" used in other Internet mail system documents. The
  599. reader who is not familiar with that syntax should consult the ABNF
  600. specification [8]. Metalanguage terms used in running text are
  601. surrounded by pointed brackets (e.g., <CRLF>) for clarity.
  602. 3. The SMTP Procedures: An Overview
  603. This section contains descriptions of the procedures used in SMTP:
  604. session initiation, the mail transaction, forwarding mail, verifying
  605. mailbox names and expanding mailing lists, and the opening and
  606. closing exchanges. Comments on relaying, a note on mail domains, and
  607. a discussion of changing roles are included at the end of this
  608. section. Several complete scenarios are presented in appendix D.
  609. 3.1 Session Initiation
  610. An SMTP session is initiated when a client opens a connection to a
  611. server and the server responds with an opening message.
  612. SMTP server implementations MAY include identification of their
  613. software and version information in the connection greeting reply
  614. after the 220 code, a practice that permits more efficient isolation
  615. and repair of any problems. Implementations MAY make provision for
  616. SMTP servers to disable the software and version announcement where
  617. it causes security concerns. While some systems also identify their
  618. contact point for mail problems, this is not a substitute for
  619. maintaining the required "postmaster" address (see section 4.5.1).
  620. The SMTP protocol allows a server to formally reject a transaction
  621. while still allowing the initial connection as follows: a 554
  622. response MAY be given in the initial connection opening message
  623. instead of the 220. A server taking this approach MUST still wait
  624. for the client to send a QUIT (see section 4.1.1.10) before closing
  625. the connection and SHOULD respond to any intervening commands with
  626. Klensin Standards Track [Page 15]
  627. RFC 2821 Simple Mail Transfer Protocol April 2001
  628. "503 bad sequence of commands". Since an attempt to make an SMTP
  629. connection to such a system is probably in error, a server returning
  630. a 554 response on connection opening SHOULD provide enough
  631. information in the reply text to facilitate debugging of the sending
  632. system.
  633. 3.2 Client Initiation
  634. Once the server has sent the welcoming message and the client has
  635. received it, the client normally sends the EHLO command to the
  636. server, indicating the client's identity. In addition to opening the
  637. session, use of EHLO indicates that the client is able to process
  638. service extensions and requests that the server provide a list of the
  639. extensions it supports. Older SMTP systems which are unable to
  640. support service extensions and contemporary clients which do not
  641. require service extensions in the mail session being initiated, MAY
  642. use HELO instead of EHLO. Servers MUST NOT return the extended
  643. EHLO-style response to a HELO command. For a particular connection
  644. attempt, if the server returns a "command not recognized" response to
  645. EHLO, the client SHOULD be able to fall back and send HELO.
  646. In the EHLO command the host sending the command identifies itself;
  647. the command may be interpreted as saying "Hello, I am <domain>" (and,
  648. in the case of EHLO, "and I support service extension requests").
  649. 3.3 Mail Transactions
  650. There are three steps to SMTP mail transactions. The transaction
  651. starts with a MAIL command which gives the sender identification.
  652. (In general, the MAIL command may be sent only when no mail
  653. transaction is in progress; see section 4.1.4.) A series of one or
  654. more RCPT commands follows giving the receiver information. Then a
  655. DATA command initiates transfer of the mail data and is terminated by
  656. the "end of mail" data indicator, which also confirms the
  657. transaction.
  658. The first step in the procedure is the MAIL command.
  659. MAIL FROM:<reverse-path> [SP <mail-parameters> ] <CRLF>
  660. This command tells the SMTP-receiver that a new mail transaction is
  661. starting and to reset all its state tables and buffers, including any
  662. recipients or mail data. The <reverse-path> portion of the first or
  663. only argument contains the source mailbox (between "<" and ">"
  664. brackets), which can be used to report errors (see section 4.2 for a
  665. discussion of error reporting). If accepted, the SMTP server returns
  666. a 250 OK reply. If the mailbox specification is not acceptable for
  667. some reason, the server MUST return a reply indicating whether the
  668. Klensin Standards Track [Page 16]
  669. RFC 2821 Simple Mail Transfer Protocol April 2001
  670. failure is permanent (i.e., will occur again if the client tries to
  671. send the same address again) or temporary (i.e., the address might be
  672. accepted if the client tries again later). Despite the apparent
  673. scope of this requirement, there are circumstances in which the
  674. acceptability of the reverse-path may not be determined until one or
  675. more forward-paths (in RCPT commands) can be examined. In those
  676. cases, the server MAY reasonably accept the reverse-path (with a 250
  677. reply) and then report problems after the forward-paths are received
  678. and examined. Normally, failures produce 550 or 553 replies.
  679. Historically, the <reverse-path> can contain more than just a
  680. mailbox, however, contemporary systems SHOULD NOT use source routing
  681. (see appendix C).
  682. The optional <mail-parameters> are associated with negotiated SMTP
  683. service extensions (see section 2.2).
  684. The second step in the procedure is the RCPT command.
  685. RCPT TO:<forward-path> [ SP <rcpt-parameters> ] <CRLF>
  686. The first or only argument to this command includes a forward-path
  687. (normally a mailbox and domain, always surrounded by "<" and ">"
  688. brackets) identifying one recipient. If accepted, the SMTP server
  689. returns a 250 OK reply and stores the forward-path. If the recipient
  690. is known not to be a deliverable address, the SMTP server returns a
  691. 550 reply, typically with a string such as "no such user - " and the
  692. mailbox name (other circumstances and reply codes are possible).
  693. This step of the procedure can be repeated any number of times.
  694. The <forward-path> can contain more than just a mailbox.
  695. Historically, the <forward-path> can be a source routing list of
  696. hosts and the destination mailbox, however, contemporary SMTP clients
  697. SHOULD NOT utilize source routes (see appendix C). Servers MUST be
  698. prepared to encounter a list of source routes in the forward path,
  699. but SHOULD ignore the routes or MAY decline to support the relaying
  700. they imply. Similarly, servers MAY decline to accept mail that is
  701. destined for other hosts or systems. These restrictions make a
  702. server useless as a relay for clients that do not support full SMTP
  703. functionality. Consequently, restricted-capability clients MUST NOT
  704. assume that any SMTP server on the Internet can be used as their mail
  705. processing (relaying) site. If a RCPT command appears without a
  706. previous MAIL command, the server MUST return a 503 "Bad sequence of
  707. commands" response. The optional <rcpt-parameters> are associated
  708. with negotiated SMTP service extensions (see section 2.2).
  709. The third step in the procedure is the DATA command (or some
  710. alternative specified in a service extension).
  711. Klensin Standards Track [Page 17]
  712. RFC 2821 Simple Mail Transfer Protocol April 2001
  713. DATA <CRLF>
  714. If accepted, the SMTP server returns a 354 Intermediate reply and
  715. considers all succeeding lines up to but not including the end of
  716. mail data indicator to be the message text. When the end of text is
  717. successfully received and stored the SMTP-receiver sends a 250 OK
  718. reply.
  719. Since the mail data is sent on the transmission channel, the end of
  720. mail data must be indicated so that the command and reply dialog can
  721. be resumed. SMTP indicates the end of the mail data by sending a
  722. line containing only a "." (period or full stop). A transparency
  723. procedure is used to prevent this from interfering with the user's
  724. text (see section 4.5.2).
  725. The end of mail data indicator also confirms the mail transaction and
  726. tells the SMTP server to now process the stored recipients and mail
  727. data. If accepted, the SMTP server returns a 250 OK reply. The DATA
  728. command can fail at only two points in the protocol exchange:
  729. - If there was no MAIL, or no RCPT, command, or all such commands
  730. were rejected, the server MAY return a "command out of sequence"
  731. (503) or "no valid recipients" (554) reply in response to the DATA
  732. command. If one of those replies (or any other 5yz reply) is
  733. received, the client MUST NOT send the message data; more
  734. generally, message data MUST NOT be sent unless a 354 reply is
  735. received.
  736. - If the verb is initially accepted and the 354 reply issued, the
  737. DATA command should fail only if the mail transaction was
  738. incomplete (for example, no recipients), or if resources were
  739. unavailable (including, of course, the server unexpectedly
  740. becoming unavailable), or if the server determines that the
  741. message should be rejected for policy or other reasons.
  742. However, in practice, some servers do not perform recipient
  743. verification until after the message text is received. These servers
  744. SHOULD treat a failure for one or more recipients as a "subsequent
  745. failure" and return a mail message as discussed in section 6. Using
  746. a "550 mailbox not found" (or equivalent) reply code after the data
  747. are accepted makes it difficult or impossible for the client to
  748. determine which recipients failed.
  749. When RFC 822 format [7, 32] is being used, the mail data include the
  750. memo header items such as Date, Subject, To, Cc, From. Server SMTP
  751. systems SHOULD NOT reject messages based on perceived defects in the
  752. RFC 822 or MIME [12] message header or message body. In particular,
  753. Klensin Standards Track [Page 18]
  754. RFC 2821 Simple Mail Transfer Protocol April 2001
  755. they MUST NOT reject messages in which the numbers of Resent-fields
  756. do not match or Resent-to appears without Resent-from and/or Resent-
  757. date.
  758. Mail transaction commands MUST be used in the order discussed above.
  759. 3.4 Forwarding for Address Correction or Updating
  760. Forwarding support is most often required to consolidate and simplify
  761. addresses within, or relative to, some enterprise and less frequently
  762. to establish addresses to link a person's prior address with current
  763. one. Silent forwarding of messages (without server notification to
  764. the sender), for security or non-disclosure purposes, is common in
  765. the contemporary Internet.
  766. In both the enterprise and the "new address" cases, information
  767. hiding (and sometimes security) considerations argue against exposure
  768. of the "final" address through the SMTP protocol as a side-effect of
  769. the forwarding activity. This may be especially important when the
  770. final address may not even be reachable by the sender. Consequently,
  771. the "forwarding" mechanisms described in section 3.2 of RFC 821, and
  772. especially the 251 (corrected destination) and 551 reply codes from
  773. RCPT must be evaluated carefully by implementers and, when they are
  774. available, by those configuring systems.
  775. In particular:
  776. * Servers MAY forward messages when they are aware of an address
  777. change. When they do so, they MAY either provide address-updating
  778. information with a 251 code, or may forward "silently" and return
  779. a 250 code. But, if a 251 code is used, they MUST NOT assume that
  780. the client will actually update address information or even return
  781. that information to the user.
  782. Alternately,
  783. * Servers MAY reject or bounce messages when they are not
  784. deliverable when addressed. When they do so, they MAY either
  785. provide address-updating information with a 551 code, or may
  786. reject the message as undeliverable with a 550 code and no
  787. address-specific information. But, if a 551 code is used, they
  788. MUST NOT assume that the client will actually update address
  789. information or even return that information to the user.
  790. SMTP server implementations that support the 251 and/or 551 reply
  791. codes are strongly encouraged to provide configuration mechanisms so
  792. that sites which conclude that they would undesirably disclose
  793. information can disable or restrict their use.
  794. Klensin Standards Track [Page 19]
  795. RFC 2821 Simple Mail Transfer Protocol April 2001
  796. 3.5 Commands for Debugging Addresses
  797. 3.5.1 Overview
  798. SMTP provides commands to verify a user name or obtain the content of
  799. a mailing list. This is done with the VRFY and EXPN commands, which
  800. have character string arguments. Implementations SHOULD support VRFY
  801. and EXPN (however, see section 3.5.2 and 7.3).
  802. For the VRFY command, the string is a user name or a user name and
  803. domain (see below). If a normal (i.e., 250) response is returned,
  804. the response MAY include the full name of the user and MUST include
  805. the mailbox of the user. It MUST be in either of the following
  806. forms:
  807. User Name <local-part@domain>
  808. local-part@domain
  809. When a name that is the argument to VRFY could identify more than one
  810. mailbox, the server MAY either note the ambiguity or identify the
  811. alternatives. In other words, any of the following are legitimate
  812. response to VRFY:
  813. 553 User ambiguous
  814. or
  815. 553- Ambiguous; Possibilities are
  816. 553-Joe Smith <jsmith@foo.com>
  817. 553-Harry Smith <hsmith@foo.com>
  818. 553 Melvin Smith <dweep@foo.com>
  819. or
  820. 553-Ambiguous; Possibilities
  821. 553- <jsmith@foo.com>
  822. 553- <hsmith@foo.com>
  823. 553 <dweep@foo.com>
  824. Under normal circumstances, a client receiving a 553 reply would be
  825. expected to expose the result to the user. Use of exactly the forms
  826. given, and the "user ambiguous" or "ambiguous" keywords, possibly
  827. supplemented by extended reply codes such as those described in [34],
  828. will facilitate automated translation into other languages as needed.
  829. Of course, a client that was highly automated or that was operating
  830. in another language than English, might choose to try to translate
  831. the response, to return some other indication to the user than the
  832. Klensin Standards Track [Page 20]
  833. RFC 2821 Simple Mail Transfer Protocol April 2001
  834. literal text of the reply, or to take some automated action such as
  835. consulting a directory service for additional information before
  836. reporting to the user.
  837. For the EXPN command, the string identifies a mailing list, and the
  838. successful (i.e., 250) multiline response MAY include the full name
  839. of the users and MUST give the mailboxes on the mailing list.
  840. In some hosts the distinction between a mailing list and an alias for
  841. a single mailbox is a bit fuzzy, since a common data structure may
  842. hold both types of entries, and it is possible to have mailing lists
  843. containing only one mailbox. If a request is made to apply VRFY to a
  844. mailing list, a positive response MAY be given if a message so
  845. addressed would be delivered to everyone on the list, otherwise an
  846. error SHOULD be reported (e.g., "550 That is a mailing list, not a
  847. user" or "252 Unable to verify members of mailing list"). If a
  848. request is made to expand a user name, the server MAY return a
  849. positive response consisting of a list containing one name, or an
  850. error MAY be reported (e.g., "550 That is a user name, not a mailing
  851. list").
  852. In the case of a successful multiline reply (normal for EXPN) exactly
  853. one mailbox is to be specified on each line of the reply. The case
  854. of an ambiguous request is discussed above.
  855. "User name" is a fuzzy term and has been used deliberately. An
  856. implementation of the VRFY or EXPN commands MUST include at least
  857. recognition of local mailboxes as "user names". However, since
  858. current Internet practice often results in a single host handling
  859. mail for multiple domains, hosts, especially hosts that provide this
  860. functionality, SHOULD accept the "local-part@domain" form as a "user
  861. name"; hosts MAY also choose to recognize other strings as "user
  862. names".
  863. The case of expanding a mailbox list requires a multiline reply, such
  864. as:
  865. C: EXPN Example-People
  866. S: 250-Jon Postel <Postel@isi.edu>
  867. S: 250-Fred Fonebone <Fonebone@physics.foo-u.edu>
  868. S: 250 Sam Q. Smith <SQSmith@specific.generic.com>
  869. or
  870. C: EXPN Executive-Washroom-List
  871. S: 550 Access Denied to You.
  872. Klensin Standards Track [Page 21]
  873. RFC 2821 Simple Mail Transfer Protocol April 2001
  874. The character string arguments of the VRFY and EXPN commands cannot
  875. be further restricted due to the variety of implementations of the
  876. user name and mailbox list concepts. On some systems it may be
  877. appropriate for the argument of the EXPN command to be a file name
  878. for a file containing a mailing list, but again there are a variety
  879. of file naming conventions in the Internet. Similarly, historical
  880. variations in what is returned by these commands are such that the
  881. response SHOULD be interpreted very carefully, if at all, and SHOULD
  882. generally only be used for diagnostic purposes.
  883. 3.5.2 VRFY Normal Response
  884. When normal (2yz or 551) responses are returned from a VRFY or EXPN
  885. request, the reply normally includes the mailbox name, i.e.,
  886. "<local-part@domain>", where "domain" is a fully qualified domain
  887. name, MUST appear in the syntax. In circumstances exceptional enough
  888. to justify violating the intent of this specification, free-form text
  889. MAY be returned. In order to facilitate parsing by both computers
  890. and people, addresses SHOULD appear in pointed brackets. When
  891. addresses, rather than free-form debugging information, are returned,
  892. EXPN and VRFY MUST return only valid domain addresses that are usable
  893. in SMTP RCPT commands. Consequently, if an address implies delivery
  894. to a program or other system, the mailbox name used to reach that
  895. target MUST be given. Paths (explicit source routes) MUST NOT be
  896. returned by VRFY or EXPN.
  897. Server implementations SHOULD support both VRFY and EXPN. For
  898. security reasons, implementations MAY provide local installations a
  899. way to disable either or both of these commands through configuration
  900. options or the equivalent. When these commands are supported, they
  901. are not required to work across relays when relaying is supported.
  902. Since they were both optional in RFC 821, they MUST be listed as
  903. service extensions in an EHLO response, if they are supported.
  904. 3.5.3 Meaning of VRFY or EXPN Success Response
  905. A server MUST NOT return a 250 code in response to a VRFY or EXPN
  906. command unless it has actually verified the address. In particular,
  907. a server MUST NOT return 250 if all it has done is to verify that the
  908. syntax given is valid. In that case, 502 (Command not implemented)
  909. or 500 (Syntax error, command unrecognized) SHOULD be returned. As
  910. stated elsewhere, implementation (in the sense of actually validating
  911. addresses and returning information) of VRFY and EXPN are strongly
  912. recommended. Hence, implementations that return 500 or 502 for VRFY
  913. are not in full compliance with this specification.
  914. Klensin Standards Track [Page 22]
  915. RFC 2821 Simple Mail Transfer Protocol April 2001
  916. There may be circumstances where an address appears to be valid but
  917. cannot reasonably be verified in real time, particularly when a
  918. server is acting as a mail exchanger for another server or domain.
  919. "Apparent validity" in this case would normally involve at least
  920. syntax checking and might involve verification that any domains
  921. specified were ones to which the host expected to be able to relay
  922. mail. In these situations, reply code 252 SHOULD be returned. These
  923. cases parallel the discussion of RCPT verification discussed in
  924. section 2.1. Similarly, the discussion in section 3.4 applies to the
  925. use of reply codes 251 and 551 with VRFY (and EXPN) to indicate
  926. addresses that are recognized but that would be forwarded or bounced
  927. were mail received for them. Implementations generally SHOULD be
  928. more aggressive about address verification in the case of VRFY than
  929. in the case of RCPT, even if it takes a little longer to do so.
  930. 3.5.4 Semantics and Applications of EXPN
  931. EXPN is often very useful in debugging and understanding problems
  932. with mailing lists and multiple-target-address aliases. Some systems
  933. have attempted to use source expansion of mailing lists as a means of
  934. eliminating duplicates. The propagation of aliasing systems with
  935. mail on the Internet, for hosts (typically with MX and CNAME DNS
  936. records), for mailboxes (various types of local host aliases), and in
  937. various proxying arrangements, has made it nearly impossible for
  938. these strategies to work consistently, and mail systems SHOULD NOT
  939. attempt them.
  940. 3.6 Domains
  941. Only resolvable, fully-qualified, domain names (FQDNs) are permitted
  942. when domain names are used in SMTP. In other words, names that can
  943. be resolved to MX RRs or A RRs (as discussed in section 5) are
  944. permitted, as are CNAME RRs whose targets can be resolved, in turn,
  945. to MX or A RRs. Local nicknames or unqualified names MUST NOT be
  946. used. There are two exceptions to the rule requiring FQDNs:
  947. - The domain name given in the EHLO command MUST BE either a primary
  948. host name (a domain name that resolves to an A RR) or, if the host
  949. has no name, an address literal as described in section 4.1.1.1.
  950. - The reserved mailbox name "postmaster" may be used in a RCPT
  951. command without domain qualification (see section 4.1.1.3) and
  952. MUST be accepted if so used.
  953. Klensin Standards Track [Page 23]
  954. RFC 2821 Simple Mail Transfer Protocol April 2001
  955. 3.7 Relaying
  956. In general, the availability of Mail eXchanger records in the domain
  957. name system [22, 27] makes the use of explicit source routes in the
  958. Internet mail system unnecessary. Many historical problems with
  959. their interpretation have made their use undesirable. SMTP clients
  960. SHOULD NOT generate explicit source routes except under unusual
  961. circumstances. SMTP servers MAY decline to act as mail relays or to
  962. accept addresses that specify source routes. When route information
  963. is encountered, SMTP servers are also permitted to ignore the route
  964. information and simply send to the final destination specified as the
  965. last element in the route and SHOULD do so. There has been an
  966. invalid practice of using names that do not appear in the DNS as
  967. destination names, with the senders counting on the intermediate
  968. hosts specified in source routing to resolve any problems. If source
  969. routes are stripped, this practice will cause failures. This is one
  970. of several reasons why SMTP clients MUST NOT generate invalid source
  971. routes or depend on serial resolution of names.
  972. When source routes are not used, the process described in RFC 821 for
  973. constructing a reverse-path from the forward-path is not applicable
  974. and the reverse-path at the time of delivery will simply be the
  975. address that appeared in the MAIL command.
  976. A relay SMTP server is usually the target of a DNS MX record that
  977. designates it, rather than the final delivery system. The relay
  978. server may accept or reject the task of relaying the mail in the same
  979. way it accepts or rejects mail for a local user. If it accepts the
  980. task, it then becomes an SMTP client, establishes a transmission
  981. channel to the next SMTP server specified in the DNS (according to
  982. the rules in section 5), and sends it the mail. If it declines to
  983. relay mail to a particular address for policy reasons, a 550 response
  984. SHOULD be returned.
  985. Many mail-sending clients exist, especially in conjunction with
  986. facilities that receive mail via POP3 or IMAP, that have limited
  987. capability to support some of the requirements of this specification,
  988. such as the ability to queue messages for subsequent delivery
  989. attempts. For these clients, it is common practice to make private
  990. arrangements to send all messages to a single server for processing
  991. and subsequent distribution. SMTP, as specified here, is not ideally
  992. suited for this role, and work is underway on standardized mail
  993. submission protocols that might eventually supercede the current
  994. practices. In any event, because these arrangements are private and
  995. fall outside the scope of this specification, they are not described
  996. here.
  997. Klensin Standards Track [Page 24]
  998. RFC 2821 Simple Mail Transfer Protocol April 2001
  999. It is important to note that MX records can point to SMTP servers
  1000. which act as gateways into other environments, not just SMTP relays
  1001. and final delivery systems; see sections 3.8 and 5.
  1002. If an SMTP server has accepted the task of relaying the mail and
  1003. later finds that the destination is incorrect or that the mail cannot
  1004. be delivered for some other reason, then it MUST construct an
  1005. "undeliverable mail" notification message and send it to the
  1006. originator of the undeliverable mail (as indicated by the reverse-
  1007. path). Formats specified for non-delivery reports by other standards
  1008. (see, for example, [24, 25]) SHOULD be used if possible.
  1009. This notification message must be from the SMTP server at the relay
  1010. host or the host that first determines that delivery cannot be
  1011. accomplished. Of course, SMTP servers MUST NOT send notification
  1012. messages about problems transporting notification messages. One way
  1013. to prevent loops in error reporting is to specify a null reverse-path
  1014. in the MAIL command of a notification message. When such a message
  1015. is transmitted the reverse-path MUST be set to null (see section
  1016. 4.5.5 for additional discussion). A MAIL command with a null
  1017. reverse-path appears as follows:
  1018. MAIL FROM:<>
  1019. As discussed in section 2.4.1, a relay SMTP has no need to inspect or
  1020. act upon the headers or body of the message data and MUST NOT do so
  1021. except to add its own "Received:" header (section 4.4) and,
  1022. optionally, to attempt to detect looping in the mail system (see
  1023. section 6.2).
  1024. 3.8 Mail Gatewaying
  1025. While the relay function discussed above operates within the Internet
  1026. SMTP transport service environment, MX records or various forms of
  1027. explicit routing may require that an intermediate SMTP server perform
  1028. a translation function between one transport service and another. As
  1029. discussed in section 2.3.8, when such a system is at the boundary
  1030. between two transport service environments, we refer to it as a
  1031. "gateway" or "gateway SMTP".
  1032. Gatewaying mail between different mail environments, such as
  1033. different mail formats and protocols, is complex and does not easily
  1034. yield to standardization. However, some general requirements may be
  1035. given for a gateway between the Internet and another mail
  1036. environment.
  1037. Klensin Standards Track [Page 25]
  1038. RFC 2821 Simple Mail Transfer Protocol April 2001
  1039. 3.8.1 Header Fields in Gatewaying
  1040. Header fields MAY be rewritten when necessary as messages are
  1041. gatewayed across mail environment boundaries. This may involve
  1042. inspecting the message body or interpreting the local-part of the
  1043. destination address in spite of the prohibitions in section 2.4.1.
  1044. Other mail systems gatewayed to the Internet often use a subset of
  1045. RFC 822 headers or provide similar functionality with a different
  1046. syntax, but some of these mail systems do not have an equivalent to
  1047. the SMTP envelope. Therefore, when a message leaves the Internet
  1048. environment, it may be necessary to fold the SMTP envelope
  1049. information into the message header. A possible solution would be to
  1050. create new header fields to carry the envelope information (e.g.,
  1051. "X-SMTP-MAIL:" and "X-SMTP-RCPT:"); however, this would require
  1052. changes in mail programs in foreign environments and might risk
  1053. disclosure of private information (see section 7.2).
  1054. 3.8.2 Received Lines in Gatewaying
  1055. When forwarding a message into or out of the Internet environment, a
  1056. gateway MUST prepend a Received: line, but it MUST NOT alter in any
  1057. way a Received: line that is already in the header.
  1058. "Received:" fields of messages originating from other environments
  1059. may not conform exactly to this specification. However, the most
  1060. important use of Received: lines is for debugging mail faults, and
  1061. this debugging can be severely hampered by well-meaning gateways that
  1062. try to "fix" a Received: line. As another consequence of trace
  1063. fields arising in non-SMTP environments, receiving systems MUST NOT
  1064. reject mail based on the format of a trace field and SHOULD be
  1065. extremely robust in the light of unexpected information or formats in
  1066. those fields.
  1067. The gateway SHOULD indicate the environment and protocol in the "via"
  1068. clauses of Received field(s) that it supplies.
  1069. 3.8.3 Addresses in Gatewaying
  1070. From the Internet side, the gateway SHOULD accept all valid address
  1071. formats in SMTP commands and in RFC 822 headers, and all valid RFC
  1072. 822 messages. Addresses and headers generated by gateways MUST
  1073. conform to applicable Internet standards (including this one and RFC
  1074. 822). Gateways are, of course, subject to the same rules for
  1075. handling source routes as those described for other SMTP systems in
  1076. section 3.3.
  1077. Klensin Standards Track [Page 26]
  1078. RFC 2821 Simple Mail Transfer Protocol April 2001
  1079. 3.8.4 Other Header Fields in Gatewaying
  1080. The gateway MUST ensure that all header fields of a message that it
  1081. forwards into the Internet mail environment meet the requirements for
  1082. Internet mail. In particular, all addresses in "From:", "To:",
  1083. "Cc:", etc., fields MUST be transformed (if necessary) to satisfy RFC
  1084. 822 syntax, MUST reference only fully-qualified domain names, and
  1085. MUST be effective and useful for sending replies. The translation
  1086. algorithm used to convert mail from the Internet protocols to another
  1087. environment's protocol SHOULD ensure that error messages from the
  1088. foreign mail environment are delivered to the return path from the
  1089. SMTP envelope, not to the sender listed in the "From:" field (or
  1090. other fields) of the RFC 822 message.
  1091. 3.8.5 Envelopes in Gatewaying
  1092. Similarly, when forwarding a message from another environment into
  1093. the Internet, the gateway SHOULD set the envelope return path in
  1094. accordance with an error message return address, if supplied by the
  1095. foreign environment. If the foreign environment has no equivalent
  1096. concept, the gateway must select and use a best approximation, with
  1097. the message originator's address as the default of last resort.
  1098. 3.9 Terminating Sessions and Connections
  1099. An SMTP connection is terminated when the client sends a QUIT
  1100. command. The server responds with a positive reply code, after which
  1101. it closes the connection.
  1102. An SMTP server MUST NOT intentionally close the connection except:
  1103. - After receiving a QUIT command and responding with a 221 reply.
  1104. - After detecting the need to shut down the SMTP service and
  1105. returning a 421 response code. This response code can be issued
  1106. after the server receives any command or, if necessary,
  1107. asynchronously from command receipt (on the assumption that the
  1108. client will receive it after the next command is issued).
  1109. In particular, a server that closes connections in response to
  1110. commands that are not understood is in violation of this
  1111. specification. Servers are expected to be tolerant of unknown
  1112. commands, issuing a 500 reply and awaiting further instructions from
  1113. the client.
  1114. Klensin Standards Track [Page 27]
  1115. RFC 2821 Simple Mail Transfer Protocol April 2001
  1116. An SMTP server which is forcibly shut down via external means SHOULD
  1117. attempt to send a line containing a 421 response code to the SMTP
  1118. client before exiting. The SMTP client will normally read the 421
  1119. response code after sending its next command.
  1120. SMTP clients that experience a connection close, reset, or other
  1121. communications failure due to circumstances not under their control
  1122. (in violation of the intent of this specification but sometimes
  1123. unavoidable) SHOULD, to maintain the robustness of the mail system,
  1124. treat the mail transaction as if a 451 response had been received and
  1125. act accordingly.
  1126. 3.10 Mailing Lists and Aliases
  1127. An SMTP-capable host SHOULD support both the alias and the list
  1128. models of address expansion for multiple delivery. When a message is
  1129. delivered or forwarded to each address of an expanded list form, the
  1130. return address in the envelope ("MAIL FROM:") MUST be changed to be
  1131. the address of a person or other entity who administers the list.
  1132. However, in this case, the message header [32] MUST be left
  1133. unchanged; in particular, the "From" field of the message header is
  1134. unaffected.
  1135. An important mail facility is a mechanism for multi-destination
  1136. delivery of a single message, by transforming (or "expanding" or
  1137. "exploding") a pseudo-mailbox address into a list of destination
  1138. mailbox addresses. When a message is sent to such a pseudo-mailbox
  1139. (sometimes called an "exploder"), copies are forwarded or
  1140. redistributed to each mailbox in the expanded list. Servers SHOULD
  1141. simply utilize the addresses on the list; application of heuristics
  1142. or other matching rules to eliminate some addresses, such as that of
  1143. the originator, is strongly discouraged. We classify such a pseudo-
  1144. mailbox as an "alias" or a "list", depending upon the expansion
  1145. rules.
  1146. 3.10.1 Alias
  1147. To expand an alias, the recipient mailer simply replaces the pseudo-
  1148. mailbox address in the envelope with each of the expanded addresses
  1149. in turn; the rest of the envelope and the message body are left
  1150. unchanged. The message is then delivered or forwarded to each
  1151. expanded address.
  1152. 3.10.2 List
  1153. A mailing list may be said to operate by "redistribution" rather than
  1154. by "forwarding". To expand a list, the recipient mailer replaces the
  1155. pseudo-mailbox address in the envelope with all of the expanded
  1156. Klensin Standards Track [Page 28]
  1157. RFC 2821 Simple Mail Transfer Protocol April 2001
  1158. addresses. The return address in the envelope is changed so that all
  1159. error messages generated by the final deliveries will be returned to
  1160. a list administrator, not to the message originator, who generally
  1161. has no control over the contents of the list and will typically find
  1162. error messages annoying.
  1163. 4. The SMTP Specifications
  1164. 4.1 SMTP Commands
  1165. 4.1.1 Command Semantics and Syntax
  1166. The SMTP commands define the mail transfer or the mail system
  1167. function requested by the user. SMTP commands are character strings
  1168. terminated by <CRLF>. The commands themselves are alphabetic
  1169. characters terminated by <SP> if parameters follow and <CRLF>
  1170. otherwise. (In the interest of improved interoperability, SMTP
  1171. receivers are encouraged to tolerate trailing white space before the
  1172. terminating <CRLF>.) The syntax of the local part of a mailbox must
  1173. conform to receiver site conventions and the syntax specified in
  1174. section 4.1.2. The SMTP commands are discussed below. The SMTP
  1175. replies are discussed in section 4.2.
  1176. A mail transaction involves several data objects which are
  1177. communicated as arguments to different commands. The reverse-path is
  1178. the argument of the MAIL command, the forward-path is the argument of
  1179. the RCPT command, and the mail data is the argument of the DATA
  1180. command. These arguments or data objects must be transmitted and
  1181. held pending the confirmation communicated by the end of mail data
  1182. indication which finalizes the transaction. The model for this is
  1183. that distinct buffers are provided to hold the types of data objects,
  1184. that is, there is a reverse-path buffer, a forward-path buffer, and a
  1185. mail data buffer. Specific commands cause information to be appended
  1186. to a specific buffer, or cause one or more buffers to be cleared.
  1187. Several commands (RSET, DATA, QUIT) are specified as not permitting
  1188. parameters. In the absence of specific extensions offered by the
  1189. server and accepted by the client, clients MUST NOT send such
  1190. parameters and servers SHOULD reject commands containing them as
  1191. having invalid syntax.
  1192. 4.1.1.1 Extended HELLO (EHLO) or HELLO (HELO)
  1193. These commands are used to identify the SMTP client to the SMTP
  1194. server. The argument field contains the fully-qualified domain name
  1195. of the SMTP client if one is available. In situations in which the
  1196. SMTP client system does not have a meaningful domain name (e.g., when
  1197. its address is dynamically allocated and no reverse mapping record is
  1198. Klensin Standards Track [Page 29]
  1199. RFC 2821 Simple Mail Transfer Protocol April 2001
  1200. available), the client SHOULD send an address literal (see section
  1201. 4.1.3), optionally followed by information that will help to identify
  1202. the client system. y The SMTP server identifies itself to the SMTP
  1203. client in the connection greeting reply and in the response to this
  1204. command.
  1205. A client SMTP SHOULD start an SMTP session by issuing the EHLO
  1206. command. If the SMTP server supports the SMTP service extensions it
  1207. will give a successful response, a failure response, or an error
  1208. response. If the SMTP server, in violation of this specification,
  1209. does not support any SMTP service extensions it will generate an
  1210. error response. Older client SMTP systems MAY, as discussed above,
  1211. use HELO (as specified in RFC 821) instead of EHLO, and servers MUST
  1212. support the HELO command and reply properly to it. In any event, a
  1213. client MUST issue HELO or EHLO before starting a mail transaction.
  1214. These commands, and a "250 OK" reply to one of them, confirm that
  1215. both the SMTP client and the SMTP server are in the initial state,
  1216. that is, there is no transaction in progress and all state tables and
  1217. buffers are cleared.
  1218. Syntax:
  1219. ehlo = "EHLO" SP Domain CRLF
  1220. helo = "HELO" SP Domain CRLF
  1221. Normally, the response to EHLO will be a multiline reply. Each line
  1222. of the response contains a keyword and, optionally, one or more
  1223. parameters. Following the normal syntax for multiline replies, these
  1224. keyworks follow the code (250) and a hyphen for all but the last
  1225. line, and the code and a space for the last line. The syntax for a
  1226. positive response, using the ABNF notation and terminal symbols of
  1227. [8], is:
  1228. ehlo-ok-rsp = ( "250" domain [ SP ehlo-greet ] CRLF )
  1229. / ( "250-" domain [ SP ehlo-greet ] CRLF
  1230. *( "250-" ehlo-line CRLF )
  1231. "250" SP ehlo-line CRLF )
  1232. ehlo-greet = 1*(%d0-9 / %d11-12 / %d14-127)
  1233. ; string of any characters other than CR or LF
  1234. ehlo-line = ehlo-keyword *( SP ehlo-param )
  1235. ehlo-keyword = (ALPHA / DIGIT) *(ALPHA / DIGIT / "-")
  1236. ; additional syntax of ehlo-params depends on
  1237. ; ehlo-keyword
  1238. Klensin Standards Track [Page 30]
  1239. RFC 2821 Simple Mail Transfer Protocol April 2001
  1240. ehlo-param = 1*(%d33-127)
  1241. ; any CHAR excluding <SP> and all
  1242. ; control characters (US-ASCII 0-31 inclusive)
  1243. Although EHLO keywords may be specified in upper, lower, or mixed
  1244. case, they MUST always be recognized and processed in a case-
  1245. insensitive manner. This is simply an extension of practices
  1246. specified in RFC 821 and section 2.4.1.
  1247. 4.1.1.2 MAIL (MAIL)
  1248. This command is used to initiate a mail transaction in which the mail
  1249. data is delivered to an SMTP server which may, in turn, deliver it to
  1250. one or more mailboxes or pass it on to another system (possibly using
  1251. SMTP). The argument field contains a reverse-path and may contain
  1252. optional parameters. In general, the MAIL command may be sent only
  1253. when no mail transaction is in progress, see section 4.1.4.
  1254. The reverse-path consists of the sender mailbox. Historically, that
  1255. mailbox might optionally have been preceded by a list of hosts, but
  1256. that behavior is now deprecated (see appendix C). In some types of
  1257. reporting messages for which a reply is likely to cause a mail loop
  1258. (for example, mail delivery and nondelivery notifications), the
  1259. reverse-path may be null (see section 3.7).
  1260. This command clears the reverse-path buffer, the forward-path buffer,
  1261. and the mail data buffer; and inserts the reverse-path information
  1262. from this command into the reverse-path buffer.
  1263. If service extensions were negotiated, the MAIL command may also
  1264. carry parameters associated with a particular service extension.
  1265. Syntax:
  1266. "MAIL FROM:" ("<>" / Reverse-Path)
  1267. [SP Mail-parameters] CRLF
  1268. 4.1.1.3 RECIPIENT (RCPT)
  1269. This command is used to identify an individual recipient of the mail
  1270. data; multiple recipients are specified by multiple use of this
  1271. command. The argument field contains a forward-path and may contain
  1272. optional parameters.
  1273. The forward-path normally consists of the required destination
  1274. mailbox. Sending systems SHOULD not generate the optional list of
  1275. hosts known as a source route. Receiving systems MUST recognize
  1276. Klensin Standards Track [Page 31]
  1277. RFC 2821 Simple Mail Transfer Protocol April 2001
  1278. source route syntax but SHOULD strip off the source route
  1279. specification and utilize the domain name associated with the mailbox
  1280. as if the source route had not been provided.
  1281. Similarly, relay hosts SHOULD strip or ignore source routes, and
  1282. names MUST NOT be copied into the reverse-path. When mail reaches
  1283. its ultimate destination (the forward-path contains only a
  1284. destination mailbox), the SMTP server inserts it into the destination
  1285. mailbox in accordance with its host mail conventions.
  1286. For example, mail received at relay host xyz.com with envelope
  1287. commands
  1288. MAIL FROM:<userx@y.foo.org>
  1289. RCPT TO:<@hosta.int,@jkl.org:userc@d.bar.org>
  1290. will normally be sent directly on to host d.bar.org with envelope
  1291. commands
  1292. MAIL FROM:<userx@y.foo.org>
  1293. RCPT TO:<userc@d.bar.org>
  1294. As provided in appendix C, xyz.com MAY also choose to relay the
  1295. message to hosta.int, using the envelope commands
  1296. MAIL FROM:<userx@y.foo.org>
  1297. RCPT TO:<@hosta.int,@jkl.org:userc@d.bar.org>
  1298. or to jkl.org, using the envelope commands
  1299. MAIL FROM:<userx@y.foo.org>
  1300. RCPT TO:<@jkl.org:userc@d.bar.org>
  1301. Of course, since hosts are not required to relay mail at all, xyz.com
  1302. may also reject the message entirely when the RCPT command is
  1303. received, using a 550 code (since this is a "policy reason").
  1304. If service extensions were negotiated, the RCPT command may also
  1305. carry parameters associated with a particular service extension
  1306. offered by the server. The client MUST NOT transmit parameters other
  1307. than those associated with a service extension offered by the server
  1308. in its EHLO response.
  1309. Syntax:
  1310. "RCPT TO:" ("<Postmaster@" domain ">" / "<Postmaster>" / Forward-Path)
  1311. [SP Rcpt-parameters] CRLF
  1312. Klensin Standards Track [Page 32]
  1313. RFC 2821 Simple Mail Transfer Protocol April 2001
  1314. 4.1.1.4 DATA (DATA)
  1315. The receiver normally sends a 354 response to DATA, and then treats
  1316. the lines (strings ending in <CRLF> sequences, as described in
  1317. section 2.3.7) following the command as mail data from the sender.
  1318. This command causes the mail data to be appended to the mail data
  1319. buffer. The mail data may contain any of the 128 ASCII character
  1320. codes, although experience has indicated that use of control
  1321. characters other than SP, HT, CR, and LF may cause problems and
  1322. SHOULD be avoided when possible.
  1323. The mail data is terminated by a line containing only a period, that
  1324. is, the character sequence "<CRLF>.<CRLF>" (see section 4.5.2). This
  1325. is the end of mail data indication. Note that the first <CRLF> of
  1326. this terminating sequence is also the <CRLF> that ends the final line
  1327. of the data (message text) or, if there was no data, ends the DATA
  1328. command itself. An extra <CRLF> MUST NOT be added, as that would
  1329. cause an empty line to be added to the message. The only exception
  1330. to this rule would arise if the message body were passed to the
  1331. originating SMTP-sender with a final "line" that did not end in
  1332. <CRLF>; in that case, the originating SMTP system MUST either reject
  1333. the message as invalid or add <CRLF> in order to have the receiving
  1334. SMTP server recognize the "end of data" condition.
  1335. The custom of accepting lines ending only in <LF>, as a concession to
  1336. non-conforming behavior on the part of some UNIX systems, has proven
  1337. to cause more interoperability problems than it solves, and SMTP
  1338. server systems MUST NOT do this, even in the name of improved
  1339. robustness. In particular, the sequence "<LF>.<LF>" (bare line
  1340. feeds, without carriage returns) MUST NOT be treated as equivalent to
  1341. <CRLF>.<CRLF> as the end of mail data indication.
  1342. Receipt of the end of mail data indication requires the server to
  1343. process the stored mail transaction information. This processing
  1344. consumes the information in the reverse-path buffer, the forward-path
  1345. buffer, and the mail data buffer, and on the completion of this
  1346. command these buffers are cleared. If the processing is successful,
  1347. the receiver MUST send an OK reply. If the processing fails the
  1348. receiver MUST send a failure reply. The SMTP model does not allow
  1349. for partial failures at this point: either the message is accepted by
  1350. the server for delivery and a positive response is returned or it is
  1351. not accepted and a failure reply is returned. In sending a positive
  1352. completion reply to the end of data indication, the receiver takes
  1353. full responsibility for the message (see section 6.1). Errors that
  1354. are diagnosed subsequently MUST be reported in a mail message, as
  1355. discussed in section 4.4.
  1356. Klensin Standards Track [Page 33]
  1357. RFC 2821 Simple Mail Transfer Protocol April 2001
  1358. When the SMTP server accepts a message either for relaying or for
  1359. final delivery, it inserts a trace record (also referred to
  1360. interchangeably as a "time stamp line" or "Received" line) at the top
  1361. of the mail data. This trace record indicates the identity of the
  1362. host that sent the message, the identity of the host that received
  1363. the message (and is inserting this time stamp), and the date and time
  1364. the message was received. Relayed messages will have multiple time
  1365. stamp lines. Details for formation of these lines, including their
  1366. syntax, is specified in section 4.4.
  1367. Additional discussion about the operation of the DATA command appears
  1368. in section 3.3.
  1369. Syntax:
  1370. "DATA" CRLF
  1371. 4.1.1.5 RESET (RSET)
  1372. This command specifies that the current mail transaction will be
  1373. aborted. Any stored sender, recipients, and mail data MUST be
  1374. discarded, and all buffers and state tables cleared. The receiver
  1375. MUST send a "250 OK" reply to a RSET command with no arguments. A
  1376. reset command may be issued by the client at any time. It is
  1377. effectively equivalent to a NOOP (i.e., if has no effect) if issued
  1378. immediately after EHLO, before EHLO is issued in the session, after
  1379. an end-of-data indicator has been sent and acknowledged, or
  1380. immediately before a QUIT. An SMTP server MUST NOT close the
  1381. connection as the result of receiving a RSET; that action is reserved
  1382. for QUIT (see section 4.1.1.10).
  1383. Since EHLO implies some additional processing and response by the
  1384. server, RSET will normally be more efficient than reissuing that
  1385. command, even though the formal semantics are the same.
  1386. There are circumstances, contrary to the intent of this
  1387. specification, in which an SMTP server may receive an indication that
  1388. the underlying TCP connection has been closed or reset. To preserve
  1389. the robustness of the mail system, SMTP servers SHOULD be prepared
  1390. for this condition and SHOULD treat it as if a QUIT had been received
  1391. before the connection disappeared.
  1392. Syntax:
  1393. "RSET" CRLF
  1394. Klensin Standards Track [Page 34]
  1395. RFC 2821 Simple Mail Transfer Protocol April 2001
  1396. 4.1.1.6 VERIFY (VRFY)
  1397. This command asks the receiver to confirm that the argument
  1398. identifies a user or mailbox. If it is a user name, information is
  1399. returned as specified in section 3.5.
  1400. This command has no effect on the reverse-path buffer, the forward-
  1401. path buffer, or the mail data buffer.
  1402. Syntax:
  1403. "VRFY" SP String CRLF
  1404. 4.1.1.7 EXPAND (EXPN)
  1405. This command asks the receiver to confirm that the argument
  1406. identifies a mailing list, and if so, to return the membership of
  1407. that list. If the command is successful, a reply is returned
  1408. containing information as described in section 3.5. This reply will
  1409. have multiple lines except in the trivial case of a one-member list.
  1410. This command has no effect on the reverse-path buffer, the forward-
  1411. path buffer, or the mail data buffer and may be issued at any time.
  1412. Syntax:
  1413. "EXPN" SP String CRLF
  1414. 4.1.1.8 HELP (HELP)
  1415. This command causes the server to send helpful information to the
  1416. client. The command MAY take an argument (e.g., any command name)
  1417. and return more specific information as a response.
  1418. This command has no effect on the reverse-path buffer, the forward-
  1419. path buffer, or the mail data buffer and may be issued at any time.
  1420. SMTP servers SHOULD support HELP without arguments and MAY support it
  1421. with arguments.
  1422. Syntax:
  1423. "HELP" [ SP String ] CRLF
  1424. 4.1.1.9 NOOP (NOOP)
  1425. This command does not affect any parameters or previously entered
  1426. commands. It specifies no action other than that the receiver send
  1427. an OK reply.
  1428. Klensin Standards Track [Page 35]
  1429. RFC 2821 Simple Mail Transfer Protocol April 2001
  1430. This command has no effect on the reverse-path buffer, the forward-
  1431. path buffer, or the mail data buffer and may be issued at any time.
  1432. If a parameter string is specified, servers SHOULD ignore it.
  1433. Syntax:
  1434. "NOOP" [ SP String ] CRLF
  1435. 4.1.1.10 QUIT (QUIT)
  1436. This command specifies that the receiver MUST send an OK reply, and
  1437. then close the transmission channel.
  1438. The receiver MUST NOT intentionally close the transmission channel
  1439. until it receives and replies to a QUIT command (even if there was an
  1440. error). The sender MUST NOT intentionally close the transmission
  1441. channel until it sends a QUIT command and SHOULD wait until it
  1442. receives the reply (even if there was an error response to a previous
  1443. command). If the connection is closed prematurely due to violations
  1444. of the above or system or network failure, the server MUST cancel any
  1445. pending transaction, but not undo any previously completed
  1446. transaction, and generally MUST act as if the command or transaction
  1447. in progress had received a temporary error (i.e., a 4yz response).
  1448. The QUIT command may be issued at any time.
  1449. Syntax:
  1450. "QUIT" CRLF
  1451. 4.1.2 Command Argument Syntax
  1452. The syntax of the argument fields of the above commands (using the
  1453. syntax specified in [8] where applicable) is given below. Some of
  1454. the productions given below are used only in conjunction with source
  1455. routes as described in appendix C. Terminals not defined in this
  1456. document, such as ALPHA, DIGIT, SP, CR, LF, CRLF, are as defined in
  1457. the "core" syntax [8 (section 6)] or in the message format syntax
  1458. [32].
  1459. Reverse-path = Path
  1460. Forward-path = Path
  1461. Path = "<" [ A-d-l ":" ] Mailbox ">"
  1462. A-d-l = At-domain *( "," A-d-l )
  1463. ; Note that this form, the so-called "source route",
  1464. ; MUST BE accepted, SHOULD NOT be generated, and SHOULD be
  1465. ; ignored.
  1466. At-domain = "@" domain
  1467. Mail-parameters = esmtp-param *(SP esmtp-param)
  1468. Rcpt-parameters = esmtp-param *(SP esmtp-param)
  1469. Klensin Standards Track [Page 36]
  1470. RFC 2821 Simple Mail Transfer Protocol April 2001
  1471. esmtp-param = esmtp-keyword ["=" esmtp-value]
  1472. esmtp-keyword = (ALPHA / DIGIT) *(ALPHA / DIGIT / "-")
  1473. esmtp-value = 1*(%d33-60 / %d62-127)
  1474. ; any CHAR excluding "=", SP, and control characters
  1475. Keyword = Ldh-str
  1476. Argument = Atom
  1477. Domain = (sub-domain 1*("." sub-domain)) / address-literal
  1478. sub-domain = Let-dig [Ldh-str]
  1479. address-literal = "[" IPv4-address-literal /
  1480. IPv6-address-literal /
  1481. General-address-literal "]"
  1482. ; See section 4.1.3
  1483. Mailbox = Local-part "@" Domain
  1484. Local-part = Dot-string / Quoted-string
  1485. ; MAY be case-sensitive
  1486. Dot-string = Atom *("." Atom)
  1487. Atom = 1*atext
  1488. Quoted-string = DQUOTE *qcontent DQUOTE
  1489. String = Atom / Quoted-string
  1490. While the above definition for Local-part is relatively permissive,
  1491. for maximum interoperability, a host that expects to receive mail
  1492. SHOULD avoid defining mailboxes where the Local-part requires (or
  1493. uses) the Quoted-string form or where the Local-part is case-
  1494. sensitive. For any purposes that require generating or comparing
  1495. Local-parts (e.g., to specific mailbox names), all quoted forms MUST
  1496. be treated as equivalent and the sending system SHOULD transmit the
  1497. form that uses the minimum quoting possible.
  1498. Systems MUST NOT define mailboxes in such a way as to require the use
  1499. in SMTP of non-ASCII characters (octets with the high order bit set
  1500. to one) or ASCII "control characters" (decimal value 0-31 and 127).
  1501. These characters MUST NOT be used in MAIL or RCPT commands or other
  1502. commands that require mailbox names.
  1503. Note that the backslash, "\", is a quote character, which is used to
  1504. indicate that the next character is to be used literally (instead of
  1505. its normal interpretation). For example, "Joe\,Smith" indicates a
  1506. single nine character user field with the comma being the fourth
  1507. character of the field.
  1508. Klensin Standards Track [Page 37]
  1509. RFC 2821 Simple Mail Transfer Protocol April 2001
  1510. To promote interoperability and consistent with long-standing
  1511. guidance about conservative use of the DNS in naming and applications
  1512. (e.g., see section 2.3.1 of the base DNS document, RFC1035 [22]),
  1513. characters outside the set of alphas, digits, and hyphen MUST NOT
  1514. appear in domain name labels for SMTP clients or servers. In
  1515. particular, the underscore character is not permitted. SMTP servers
  1516. that receive a command in which invalid character codes have been
  1517. employed, and for which there are no other reasons for rejection,
  1518. MUST reject that command with a 501 response.
  1519. 4.1.3 Address Literals
  1520. Sometimes a host is not known to the domain name system and
  1521. communication (and, in particular, communication to report and repair
  1522. the error) is blocked. To bypass this barrier a special literal form
  1523. of the address is allowed as an alternative to a domain name. For
  1524. IPv4 addresses, this form uses four small decimal integers separated
  1525. by dots and enclosed by brackets such as [123.255.37.2], which
  1526. indicates an (IPv4) Internet Address in sequence-of-octets form. For
  1527. IPv6 and other forms of addressing that might eventually be
  1528. standardized, the form consists of a standardized "tag" that
  1529. identifies the address syntax, a colon, and the address itself, in a
  1530. format specified as part of the IPv6 standards [17].
  1531. Specifically:
  1532. IPv4-address-literal = Snum 3("." Snum)
  1533. IPv6-address-literal = "IPv6:" IPv6-addr
  1534. General-address-literal = Standardized-tag ":" 1*dcontent
  1535. Standardized-tag = Ldh-str
  1536. ; MUST be specified in a standards-track RFC
  1537. ; and registered with IANA
  1538. Snum = 1*3DIGIT ; representing a decimal integer
  1539. ; value in the range 0 through 255
  1540. Let-dig = ALPHA / DIGIT
  1541. Ldh-str = *( ALPHA / DIGIT / "-" ) Let-dig
  1542. IPv6-addr = IPv6-full / IPv6-comp / IPv6v4-full / IPv6v4-comp
  1543. IPv6-hex = 1*4HEXDIG
  1544. IPv6-full = IPv6-hex 7(":" IPv6-hex)
  1545. IPv6-comp = [IPv6-hex *5(":" IPv6-hex)] "::" [IPv6-hex *5(":"
  1546. IPv6-hex)]
  1547. ; The "::" represents at least 2 16-bit groups of zeros
  1548. ; No more than 6 groups in addition to the "::" may be
  1549. ; present
  1550. IPv6v4-full = IPv6-hex 5(":" IPv6-hex) ":" IPv4-address-literal
  1551. IPv6v4-comp = [IPv6-hex *3(":" IPv6-hex)] "::"
  1552. Klensin Standards Track [Page 38]
  1553. RFC 2821 Simple Mail Transfer Protocol April 2001
  1554. [IPv6-hex *3(":" IPv6-hex) ":"] IPv4-address-literal
  1555. ; The "::" represents at least 2 16-bit groups of zeros
  1556. ; No more than 4 groups in addition to the "::" and
  1557. ; IPv4-address-literal may be present
  1558. 4.1.4 Order of Commands
  1559. There are restrictions on the order in which these commands may be
  1560. used.
  1561. A session that will contain mail transactions MUST first be
  1562. initialized by the use of the EHLO command. An SMTP server SHOULD
  1563. accept commands for non-mail transactions (e.g., VRFY or EXPN)
  1564. without this initialization.
  1565. An EHLO command MAY be issued by a client later in the session. If
  1566. it is issued after the session begins, the SMTP server MUST clear all
  1567. buffers and reset the state exactly as if a RSET command had been
  1568. issued. In other words, the sequence of RSET followed immediately by
  1569. EHLO is redundant, but not harmful other than in the performance cost
  1570. of executing unnecessary commands.
  1571. If the EHLO command is not acceptable to the SMTP server, 501, 500,
  1572. or 502 failure replies MUST be returned as appropriate. The SMTP
  1573. server MUST stay in the same state after transmitting these replies
  1574. that it was in before the EHLO was received.
  1575. The SMTP client MUST, if possible, ensure that the domain parameter
  1576. to the EHLO command is a valid principal host name (not a CNAME or MX
  1577. name) for its host. If this is not possible (e.g., when the client's
  1578. address is dynamically assigned and the client does not have an
  1579. obvious name), an address literal SHOULD be substituted for the
  1580. domain name and supplemental information provided that will assist in
  1581. identifying the client.
  1582. An SMTP server MAY verify that the domain name parameter in the EHLO
  1583. command actually corresponds to the IP address of the client.
  1584. However, the server MUST NOT refuse to accept a message for this
  1585. reason if the verification fails: the information about verification
  1586. failure is for logging and tracing only.
  1587. The NOOP, HELP, EXPN, VRFY, and RSET commands can be used at any time
  1588. during a session, or without previously initializing a session. SMTP
  1589. servers SHOULD process these normally (that is, not return a 503
  1590. code) even if no EHLO command has yet been received; clients SHOULD
  1591. open a session with EHLO before sending these commands.
  1592. Klensin Standards Track [Page 39]
  1593. RFC 2821 Simple Mail Transfer Protocol April 2001
  1594. If these rules are followed, the example in RFC 821 that shows "550
  1595. access denied to you" in response to an EXPN command is incorrect
  1596. unless an EHLO command precedes the EXPN or the denial of access is
  1597. based on the client's IP address or other authentication or
  1598. authorization-determining mechanisms.
  1599. The MAIL command (or the obsolete SEND, SOML, or SAML commands)
  1600. begins a mail transaction. Once started, a mail transaction consists
  1601. of a transaction beginning command, one or more RCPT commands, and a
  1602. DATA command, in that order. A mail transaction may be aborted by
  1603. the RSET (or a new EHLO) command. There may be zero or more
  1604. transactions in a session. MAIL (or SEND, SOML, or SAML) MUST NOT be
  1605. sent if a mail transaction is already open, i.e., it should be sent
  1606. only if no mail transaction had been started in the session, or it
  1607. the previous one successfully concluded with a successful DATA
  1608. command, or if the previous one was aborted with a RSET.
  1609. If the transaction beginning command argument is not acceptable, a
  1610. 501 failure reply MUST be returned and the SMTP server MUST stay in
  1611. the same state. If the commands in a transaction are out of order to
  1612. the degree that they cannot be processed by the server, a 503 failure
  1613. reply MUST be returned and the SMTP server MUST stay in the same
  1614. state.
  1615. The last command in a session MUST be the QUIT command. The QUIT
  1616. command cannot be used at any other time in a session, but SHOULD be
  1617. used by the client SMTP to request connection closure, even when no
  1618. session opening command was sent and accepted.
  1619. 4.1.5 Private-use Commands
  1620. As specified in section 2.2.2, commands starting in "X" may be used
  1621. by bilateral agreement between the client (sending) and server
  1622. (receiving) SMTP agents. An SMTP server that does not recognize such
  1623. a command is expected to reply with "500 Command not recognized". An
  1624. extended SMTP server MAY list the feature names associated with these
  1625. private commands in the response to the EHLO command.
  1626. Commands sent or accepted by SMTP systems that do not start with "X"
  1627. MUST conform to the requirements of section 2.2.2.
  1628. 4.2 SMTP Replies
  1629. Replies to SMTP commands serve to ensure the synchronization of
  1630. requests and actions in the process of mail transfer and to guarantee
  1631. that the SMTP client always knows the state of the SMTP server.
  1632. Every command MUST generate exactly one reply.
  1633. Klensin Standards Track [Page 40]
  1634. RFC 2821 Simple Mail Transfer Protocol April 2001
  1635. The details of the command-reply sequence are described in section
  1636. 4.3.
  1637. An SMTP reply consists of a three digit number (transmitted as three
  1638. numeric characters) followed by some text unless specified otherwise
  1639. in this document. The number is for use by automata to determine
  1640. what state to enter next; the text is for the human user. The three
  1641. digits contain enough encoded information that the SMTP client need
  1642. not examine the text and may either discard it or pass it on to the
  1643. user, as appropriate. Exceptions are as noted elsewhere in this
  1644. document. In particular, the 220, 221, 251, 421, and 551 reply codes
  1645. are associated with message text that must be parsed and interpreted
  1646. by machines. In the general case, the text may be receiver dependent
  1647. and context dependent, so there are likely to be varying texts for
  1648. each reply code. A discussion of the theory of reply codes is given
  1649. in section 4.2.1. Formally, a reply is defined to be the sequence: a
  1650. three-digit code, <SP>, one line of text, and <CRLF>, or a multiline
  1651. reply (as defined in section 4.2.1). Since, in violation of this
  1652. specification, the text is sometimes not sent, clients which do not
  1653. receive it SHOULD be prepared to process the code alone (with or
  1654. without a trailing space character). Only the EHLO, EXPN, and HELP
  1655. commands are expected to result in multiline replies in normal
  1656. circumstances, however, multiline replies are allowed for any
  1657. command.
  1658. In ABNF, server responses are:
  1659. Greeting = "220 " Domain [ SP text ] CRLF
  1660. Reply-line = Reply-code [ SP text ] CRLF
  1661. where "Greeting" appears only in the 220 response that announces that
  1662. the server is opening its part of the connection.
  1663. An SMTP server SHOULD send only the reply codes listed in this
  1664. document. An SMTP server SHOULD use the text shown in the examples
  1665. whenever appropriate.
  1666. An SMTP client MUST determine its actions only by the reply code, not
  1667. by the text (except for the "change of address" 251 and 551 and, if
  1668. necessary, 220, 221, and 421 replies); in the general case, any text,
  1669. including no text at all (although senders SHOULD NOT send bare
  1670. codes), MUST be acceptable. The space (blank) following the reply
  1671. code is considered part of the text. Whenever possible, a receiver-
  1672. SMTP SHOULD test the first digit (severity indication) of the reply
  1673. code.
  1674. Klensin Standards Track [Page 41]
  1675. RFC 2821 Simple Mail Transfer Protocol April 2001
  1676. The list of codes that appears below MUST NOT be construed as
  1677. permanent. While the addition of new codes should be a rare and
  1678. significant activity, with supplemental information in the textual
  1679. part of the response being preferred, new codes may be added as the
  1680. result of new Standards or Standards-track specifications.
  1681. Consequently, a sender-SMTP MUST be prepared to handle codes not
  1682. specified in this document and MUST do so by interpreting the first
  1683. digit only.
  1684. 4.2.1 Reply Code Severities and Theory
  1685. The three digits of the reply each have a special significance. The
  1686. first digit denotes whether the response is good, bad or incomplete.
  1687. An unsophisticated SMTP client, or one that receives an unexpected
  1688. code, will be able to determine its next action (proceed as planned,
  1689. redo, retrench, etc.) by examining this first digit. An SMTP client
  1690. that wants to know approximately what kind of error occurred (e.g.,
  1691. mail system error, command syntax error) may examine the second
  1692. digit. The third digit and any supplemental information that may be
  1693. present is reserved for the finest gradation of information.
  1694. There are five values for the first digit of the reply code:
  1695. 1yz Positive Preliminary reply
  1696. The command has been accepted, but the requested action is being
  1697. held in abeyance, pending confirmation of the information in this
  1698. reply. The SMTP client should send another command specifying
  1699. whether to continue or abort the action. Note: unextended SMTP
  1700. does not have any commands that allow this type of reply, and so
  1701. does not have continue or abort commands.
  1702. 2yz Positive Completion reply
  1703. The requested action has been successfully completed. A new
  1704. request may be initiated.
  1705. 3yz Positive Intermediate reply
  1706. The command has been accepted, but the requested action is being
  1707. held in abeyance, pending receipt of further information. The
  1708. SMTP client should send another command specifying this
  1709. information. This reply is used in command sequence groups (i.e.,
  1710. in DATA).
  1711. 4yz Transient Negative Completion reply
  1712. The command was not accepted, and the requested action did not
  1713. occur. However, the error condition is temporary and the action
  1714. may be requested again. The sender should return to the beginning
  1715. of the command sequence (if any). It is difficult to assign a
  1716. meaning to "transient" when two different sites (receiver- and
  1717. Klensin Standards Track [Page 42]
  1718. RFC 2821 Simple Mail Transfer Protocol April 2001
  1719. sender-SMTP agents) must agree on the interpretation. Each reply
  1720. in this category might have a different time value, but the SMTP
  1721. client is encouraged to try again. A rule of thumb to determine
  1722. whether a reply fits into the 4yz or the 5yz category (see below)
  1723. is that replies are 4yz if they can be successful if repeated
  1724. without any change in command form or in properties of the sender
  1725. or receiver (that is, the command is repeated identically and the
  1726. receiver does not put up a new implementation.)
  1727. 5yz Permanent Negative Completion reply
  1728. The command was not accepted and the requested action did not
  1729. occur. The SMTP client is discouraged from repeating the exact
  1730. request (in the same sequence). Even some "permanent" error
  1731. conditions can be corrected, so the human user may want to direct
  1732. the SMTP client to reinitiate the command sequence by direct
  1733. action at some point in the future (e.g., after the spelling has
  1734. been changed, or the user has altered the account status).
  1735. The second digit encodes responses in specific categories:
  1736. x0z Syntax: These replies refer to syntax errors, syntactically
  1737. correct commands that do not fit any functional category, and
  1738. unimplemented or superfluous commands.
  1739. x1z Information: These are replies to requests for information,
  1740. such as status or help.
  1741. x2z Connections: These are replies referring to the transmission
  1742. channel.
  1743. x3z Unspecified.
  1744. x4z Unspecified.
  1745. x5z Mail system: These replies indicate the status of the receiver
  1746. mail system vis-a-vis the requested transfer or other mail system
  1747. action.
  1748. The third digit gives a finer gradation of meaning in each category
  1749. specified by the second digit. The list of replies illustrates this.
  1750. Each reply text is recommended rather than mandatory, and may even
  1751. change according to the command with which it is associated. On the
  1752. other hand, the reply codes must strictly follow the specifications
  1753. in this section. Receiver implementations should not invent new
  1754. codes for slightly different situations from the ones described here,
  1755. but rather adapt codes already defined.
  1756. Klensin Standards Track [Page 43]
  1757. RFC 2821 Simple Mail Transfer Protocol April 2001
  1758. For example, a command such as NOOP, whose successful execution does
  1759. not offer the SMTP client any new information, will return a 250
  1760. reply. The reply is 502 when the command requests an unimplemented
  1761. non-site-specific action. A refinement of that is the 504 reply for
  1762. a command that is implemented, but that requests an unimplemented
  1763. parameter.
  1764. The reply text may be longer than a single line; in these cases the
  1765. complete text must be marked so the SMTP client knows when it can
  1766. stop reading the reply. This requires a special format to indicate a
  1767. multiple line reply.
  1768. The format for multiline replies requires that every line, except the
  1769. last, begin with the reply code, followed immediately by a hyphen,
  1770. "-" (also known as minus), followed by text. The last line will
  1771. begin with the reply code, followed immediately by <SP>, optionally
  1772. some text, and <CRLF>. As noted above, servers SHOULD send the <SP>
  1773. if subsequent text is not sent, but clients MUST be prepared for it
  1774. to be omitted.
  1775. For example:
  1776. 123-First line
  1777. 123-Second line
  1778. 123-234 text beginning with numbers
  1779. 123 The last line
  1780. In many cases the SMTP client then simply needs to search for a line
  1781. beginning with the reply code followed by <SP> or <CRLF> and ignore
  1782. all preceding lines. In a few cases, there is important data for the
  1783. client in the reply "text". The client will be able to identify
  1784. these cases from the current context.
  1785. 4.2.2 Reply Codes by Function Groups
  1786. 500 Syntax error, command unrecognized
  1787. (This may include errors such as command line too long)
  1788. 501 Syntax error in parameters or arguments
  1789. 502 Command not implemented (see section 4.2.4)
  1790. 503 Bad sequence of commands
  1791. 504 Command parameter not implemented
  1792. 211 System status, or system help reply
  1793. 214 Help message
  1794. (Information on how to use the receiver or the meaning of a
  1795. particular non-standard command; this reply is useful only
  1796. to the human user)
  1797. Klensin Standards Track [Page 44]
  1798. RFC 2821 Simple Mail Transfer Protocol April 2001
  1799. 220 <domain> Service ready
  1800. 221 <domain> Service closing transmission channel
  1801. 421 <domain> Service not available, closing transmission channel
  1802. (This may be a reply to any command if the service knows it
  1803. must shut down)
  1804. 250 Requested mail action okay, completed
  1805. 251 User not local; will forward to <forward-path>
  1806. (See section 3.4)
  1807. 252 Cannot VRFY user, but will accept message and attempt
  1808. delivery
  1809. (See section 3.5.3)
  1810. 450 Requested mail action not taken: mailbox unavailable
  1811. (e.g., mailbox busy)
  1812. 550 Requested action not taken: mailbox unavailable
  1813. (e.g., mailbox not found, no access, or command rejected
  1814. for policy reasons)
  1815. 451 Requested action aborted: error in processing
  1816. 551 User not local; please try <forward-path>
  1817. (See section 3.4)
  1818. 452 Requested action not taken: insufficient system storage
  1819. 552 Requested mail action aborted: exceeded storage allocation
  1820. 553 Requested action not taken: mailbox name not allowed
  1821. (e.g., mailbox syntax incorrect)
  1822. 354 Start mail input; end with <CRLF>.<CRLF>
  1823. 554 Transaction failed (Or, in the case of a connection-opening
  1824. response, "No SMTP service here")
  1825. 4.2.3 Reply Codes in Numeric Order
  1826. 211 System status, or system help reply
  1827. 214 Help message
  1828. (Information on how to use the receiver or the meaning of a
  1829. particular non-standard command; this reply is useful only
  1830. to the human user)
  1831. 220 <domain> Service ready
  1832. 221 <domain> Service closing transmission channel
  1833. 250 Requested mail action okay, completed
  1834. 251 User not local; will forward to <forward-path>
  1835. (See section 3.4)
  1836. 252 Cannot VRFY user, but will accept message and attempt
  1837. delivery
  1838. (See section 3.5.3)
  1839. 354 Start mail input; end with <CRLF>.<CRLF>
  1840. Klensin Standards Track [Page 45]
  1841. RFC 2821 Simple Mail Transfer Protocol April 2001
  1842. 421 <domain> Service not available, closing transmission channel
  1843. (This may be a reply to any command if the service knows it
  1844. must shut down)
  1845. 450 Requested mail action not taken: mailbox unavailable
  1846. (e.g., mailbox busy)
  1847. 451 Requested action aborted: local error in processing
  1848. 452 Requested action not taken: insufficient system storage
  1849. 500 Syntax error, command unrecognized
  1850. (This may include errors such as command line too long)
  1851. 501 Syntax error in parameters or arguments
  1852. 502 Command not implemented (see section 4.2.4)
  1853. 503 Bad sequence of commands
  1854. 504 Command parameter not implemented
  1855. 550 Requested action not taken: mailbox unavailable
  1856. (e.g., mailbox not found, no access, or command rejected
  1857. for policy reasons)
  1858. 551 User not local; please try <forward-path>
  1859. (See section 3.4)
  1860. 552 Requested mail action aborted: exceeded storage allocation
  1861. 553 Requested action not taken: mailbox name not allowed
  1862. (e.g., mailbox syntax incorrect)
  1863. 554 Transaction failed (Or, in the case of a connection-opening
  1864. response, "No SMTP service here")
  1865. 4.2.4 Reply Code 502
  1866. Questions have been raised as to when reply code 502 (Command not
  1867. implemented) SHOULD be returned in preference to other codes. 502
  1868. SHOULD be used when the command is actually recognized by the SMTP
  1869. server, but not implemented. If the command is not recognized, code
  1870. 500 SHOULD be returned. Extended SMTP systems MUST NOT list
  1871. capabilities in response to EHLO for which they will return 502 (or
  1872. 500) replies.
  1873. 4.2.5 Reply Codes After DATA and the Subsequent <CRLF>.<CRLF>
  1874. When an SMTP server returns a positive completion status (2yz code)
  1875. after the DATA command is completed with <CRLF>.<CRLF>, it accepts
  1876. responsibility for:
  1877. - delivering the message (if the recipient mailbox exists), or
  1878. - if attempts to deliver the message fail due to transient
  1879. conditions, retrying delivery some reasonable number of times at
  1880. intervals as specified in section 4.5.4.
  1881. Klensin Standards Track [Page 46]
  1882. RFC 2821 Simple Mail Transfer Protocol April 2001
  1883. - if attempts to deliver the message fail due to permanent
  1884. conditions, or if repeated attempts to deliver the message fail
  1885. due to transient conditions, returning appropriate notification to
  1886. the sender of the original message (using the address in the SMTP
  1887. MAIL command).
  1888. When an SMTP server returns a permanent error status (5yz) code after
  1889. the DATA command is completed with <CRLF>.<CRLF>, it MUST NOT make
  1890. any subsequent attempt to deliver that message. The SMTP client
  1891. retains responsibility for delivery of that message and may either
  1892. return it to the user or requeue it for a subsequent attempt (see
  1893. section 4.5.4.1).
  1894. The user who originated the message SHOULD be able to interpret the
  1895. return of a transient failure status (by mail message or otherwise)
  1896. as a non-delivery indication, just as a permanent failure would be
  1897. interpreted. I.e., if the client SMTP successfully handles these
  1898. conditions, the user will not receive such a reply.
  1899. When an SMTP server returns a permanent error status (5yz) code after
  1900. the DATA command is completely with <CRLF>.<CRLF>, it MUST NOT make
  1901. any subsequent attempt to deliver the message. As with temporary
  1902. error status codes, the SMTP client retains responsibility for the
  1903. message, but SHOULD not again attempt delivery to the same server
  1904. without user review and intervention of the message.
  1905. 4.3 Sequencing of Commands and Replies
  1906. 4.3.1 Sequencing Overview
  1907. The communication between the sender and receiver is an alternating
  1908. dialogue, controlled by the sender. As such, the sender issues a
  1909. command and the receiver responds with a reply. Unless other
  1910. arrangements are negotiated through service extensions, the sender
  1911. MUST wait for this response before sending further commands.
  1912. One important reply is the connection greeting. Normally, a receiver
  1913. will send a 220 "Service ready" reply when the connection is
  1914. completed. The sender SHOULD wait for this greeting message before
  1915. sending any commands.
  1916. Note: all the greeting-type replies have the official name (the
  1917. fully-qualified primary domain name) of the server host as the first
  1918. word following the reply code. Sometimes the host will have no
  1919. meaningful name. See 4.1.3 for a discussion of alternatives in these
  1920. situations.
  1921. Klensin Standards Track [Page 47]
  1922. RFC 2821 Simple Mail Transfer Protocol April 2001
  1923. For example,
  1924. 220 ISIF.USC.EDU Service ready
  1925. or
  1926. 220 mail.foo.com SuperSMTP v 6.1.2 Service ready
  1927. or
  1928. 220 [10.0.0.1] Clueless host service ready
  1929. The table below lists alternative success and failure replies for
  1930. each command. These SHOULD be strictly adhered to: a receiver may
  1931. substitute text in the replies, but the meaning and action implied by
  1932. the code numbers and by the specific command reply sequence cannot be
  1933. altered.
  1934. 4.3.2 Command-Reply Sequences
  1935. Each command is listed with its usual possible replies. The prefixes
  1936. used before the possible replies are "I" for intermediate, "S" for
  1937. success, and "E" for error. Since some servers may generate other
  1938. replies under special circumstances, and to allow for future
  1939. extension, SMTP clients SHOULD, when possible, interpret only the
  1940. first digit of the reply and MUST be prepared to deal with
  1941. unrecognized reply codes by interpreting the first digit only.
  1942. Unless extended using the mechanisms described in section 2.2, SMTP
  1943. servers MUST NOT transmit reply codes to an SMTP client that are
  1944. other than three digits or that do not start in a digit between 2 and
  1945. 5 inclusive.
  1946. These sequencing rules and, in principle, the codes themselves, can
  1947. be extended or modified by SMTP extensions offered by the server and
  1948. accepted (requested) by the client.
  1949. In addition to the codes listed below, any SMTP command can return
  1950. any of the following codes if the corresponding unusual circumstances
  1951. are encountered:
  1952. 500 For the "command line too long" case or if the command name was
  1953. not recognized. Note that producing a "command not recognized"
  1954. error in response to the required subset of these commands is a
  1955. violation of this specification.
  1956. 501 Syntax error in command or arguments. In order to provide for
  1957. future extensions, commands that are specified in this document as
  1958. not accepting arguments (DATA, RSET, QUIT) SHOULD return a 501
  1959. message if arguments are supplied in the absence of EHLO-
  1960. advertised extensions.
  1961. 421 Service shutting down and closing transmission channel
  1962. Klensin Standards Track [Page 48]
  1963. RFC 2821 Simple Mail Transfer Protocol April 2001
  1964. Specific sequences are:
  1965. CONNECTION ESTABLISHMENT
  1966. S: 220
  1967. E: 554
  1968. EHLO or HELO
  1969. S: 250
  1970. E: 504, 550
  1971. MAIL
  1972. S: 250
  1973. E: 552, 451, 452, 550, 553, 503
  1974. RCPT
  1975. S: 250, 251 (but see section 3.4 for discussion of 251 and 551)
  1976. E: 550, 551, 552, 553, 450, 451, 452, 503, 550
  1977. DATA
  1978. I: 354 -> data -> S: 250
  1979. E: 552, 554, 451, 452
  1980. E: 451, 554, 503
  1981. RSET
  1982. S: 250
  1983. VRFY
  1984. S: 250, 251, 252
  1985. E: 550, 551, 553, 502, 504
  1986. EXPN
  1987. S: 250, 252
  1988. E: 550, 500, 502, 504
  1989. HELP
  1990. S: 211, 214
  1991. E: 502, 504
  1992. NOOP
  1993. S: 250
  1994. QUIT
  1995. S: 221
  1996. 4.4 Trace Information
  1997. When an SMTP server receives a message for delivery or further
  1998. processing, it MUST insert trace ("time stamp" or "Received")
  1999. information at the beginning of the message content, as discussed in
  2000. section 4.1.1.4.
  2001. This line MUST be structured as follows:
  2002. - The FROM field, which MUST be supplied in an SMTP environment,
  2003. SHOULD contain both (1) the name of the source host as presented
  2004. in the EHLO command and (2) an address literal containing the IP
  2005. address of the source, determined from the TCP connection.
  2006. Klensin Standards Track [Page 49]
  2007. RFC 2821 Simple Mail Transfer Protocol April 2001
  2008. - The ID field MAY contain an "@" as suggested in RFC 822, but this
  2009. is not required.
  2010. - The FOR field MAY contain a list of <path> entries when multiple
  2011. RCPT commands have been given. This may raise some security
  2012. issues and is usually not desirable; see section 7.2.
  2013. An Internet mail program MUST NOT change a Received: line that was
  2014. previously added to the message header. SMTP servers MUST prepend
  2015. Received lines to messages; they MUST NOT change the order of
  2016. existing lines or insert Received lines in any other location.
  2017. As the Internet grows, comparability of Received fields is important
  2018. for detecting problems, especially slow relays. SMTP servers that
  2019. create Received fields SHOULD use explicit offsets in the dates
  2020. (e.g., -0800), rather than time zone names of any type. Local time
  2021. (with an offset) is preferred to UT when feasible. This formulation
  2022. allows slightly more information about local circumstances to be
  2023. specified. If UT is needed, the receiver need merely do some simple
  2024. arithmetic to convert the values. Use of UT loses information about
  2025. the time zone-location of the server. If it is desired to supply a
  2026. time zone name, it SHOULD be included in a comment.
  2027. When the delivery SMTP server makes the "final delivery" of a
  2028. message, it inserts a return-path line at the beginning of the mail
  2029. data. This use of return-path is required; mail systems MUST support
  2030. it. The return-path line preserves the information in the <reverse-
  2031. path> from the MAIL command. Here, final delivery means the message
  2032. has left the SMTP environment. Normally, this would mean it had been
  2033. delivered to the destination user or an associated mail drop, but in
  2034. some cases it may be further processed and transmitted by another
  2035. mail system.
  2036. It is possible for the mailbox in the return path to be different
  2037. from the actual sender's mailbox, for example, if error responses are
  2038. to be delivered to a special error handling mailbox rather than to
  2039. the message sender. When mailing lists are involved, this
  2040. arrangement is common and useful as a means of directing errors to
  2041. the list maintainer rather than the message originator.
  2042. The text above implies that the final mail data will begin with a
  2043. return path line, followed by one or more time stamp lines. These
  2044. lines will be followed by the mail data headers and body [32].
  2045. It is sometimes difficult for an SMTP server to determine whether or
  2046. not it is making final delivery since forwarding or other operations
  2047. may occur after the message is accepted for delivery. Consequently,
  2048. Klensin Standards Track [Page 50]
  2049. RFC 2821 Simple Mail Transfer Protocol April 2001
  2050. any further (forwarding, gateway, or relay) systems MAY remove the
  2051. return path and rebuild the MAIL command as needed to ensure that
  2052. exactly one such line appears in a delivered message.
  2053. A message-originating SMTP system SHOULD NOT send a message that
  2054. already contains a Return-path header. SMTP servers performing a
  2055. relay function MUST NOT inspect the message data, and especially not
  2056. to the extent needed to determine if Return-path headers are present.
  2057. SMTP servers making final delivery MAY remove Return-path headers
  2058. before adding their own.
  2059. The primary purpose of the Return-path is to designate the address to
  2060. which messages indicating non-delivery or other mail system failures
  2061. are to be sent. For this to be unambiguous, exactly one return path
  2062. SHOULD be present when the message is delivered. Systems using RFC
  2063. 822 syntax with non-SMTP transports SHOULD designate an unambiguous
  2064. address, associated with the transport envelope, to which error
  2065. reports (e.g., non-delivery messages) should be sent.
  2066. Historical note: Text in RFC 822 that appears to contradict the use
  2067. of the Return-path header (or the envelope reverse path address from
  2068. the MAIL command) as the destination for error messages is not
  2069. applicable on the Internet. The reverse path address (as copied into
  2070. the Return-path) MUST be used as the target of any mail containing
  2071. delivery error messages.
  2072. In particular:
  2073. - a gateway from SMTP->elsewhere SHOULD insert a return-path header,
  2074. unless it is known that the "elsewhere" transport also uses
  2075. Internet domain addresses and maintains the envelope sender
  2076. address separately.
  2077. - a gateway from elsewhere->SMTP SHOULD delete any return-path
  2078. header present in the message, and either copy that information to
  2079. the SMTP envelope or combine it with information present in the
  2080. envelope of the other transport system to construct the reverse
  2081. path argument to the MAIL command in the SMTP envelope.
  2082. The server must give special treatment to cases in which the
  2083. processing following the end of mail data indication is only
  2084. partially successful. This could happen if, after accepting several
  2085. recipients and the mail data, the SMTP server finds that the mail
  2086. data could be successfully delivered to some, but not all, of the
  2087. recipients. In such cases, the response to the DATA command MUST be
  2088. an OK reply. However, the SMTP server MUST compose and send an
  2089. "undeliverable mail" notification message to the originator of the
  2090. message.
  2091. Klensin Standards Track [Page 51]
  2092. RFC 2821 Simple Mail Transfer Protocol April 2001
  2093. A single notification listing all of the failed recipients or
  2094. separate notification messages MUST be sent for each failed
  2095. recipient. For economy of processing by the sender, the former is
  2096. preferred when possible. All undeliverable mail notification
  2097. messages are sent using the MAIL command (even if they result from
  2098. processing the obsolete SEND, SOML, or SAML commands) and use a null
  2099. return path as discussed in section 3.7.
  2100. The time stamp line and the return path line are formally defined as
  2101. follows:
  2102. Return-path-line = "Return-Path:" FWS Reverse-path <CRLF>
  2103. Time-stamp-line = "Received:" FWS Stamp <CRLF>
  2104. Stamp = From-domain By-domain Opt-info ";" FWS date-time
  2105. ; where "date-time" is as defined in [32]
  2106. ; but the "obs-" forms, especially two-digit
  2107. ; years, are prohibited in SMTP and MUST NOT be used.
  2108. From-domain = "FROM" FWS Extended-Domain CFWS
  2109. By-domain = "BY" FWS Extended-Domain CFWS
  2110. Extended-Domain = Domain /
  2111. ( Domain FWS "(" TCP-info ")" ) /
  2112. ( Address-literal FWS "(" TCP-info ")" )
  2113. TCP-info = Address-literal / ( Domain FWS Address-literal )
  2114. ; Information derived by server from TCP connection
  2115. ; not client EHLO.
  2116. Opt-info = [Via] [With] [ID] [For]
  2117. Via = "VIA" FWS Link CFWS
  2118. With = "WITH" FWS Protocol CFWS
  2119. ID = "ID" FWS String / msg-id CFWS
  2120. For = "FOR" FWS 1*( Path / Mailbox ) CFWS
  2121. Link = "TCP" / Addtl-Link
  2122. Addtl-Link = Atom
  2123. ; Additional standard names for links are registered with the
  2124. ; Internet Assigned Numbers Authority (IANA). "Via" is
  2125. ; primarily of value with non-Internet transports. SMTP
  2126. Klensin Standards Track [Page 52]
  2127. RFC 2821 Simple Mail Transfer Protocol April 2001
  2128. ; servers SHOULD NOT use unregistered names.
  2129. Protocol = "ESMTP" / "SMTP" / Attdl-Protocol
  2130. Attdl-Protocol = Atom
  2131. ; Additional standard names for protocols are registered with the
  2132. ; Internet Assigned Numbers Authority (IANA). SMTP servers
  2133. ; SHOULD NOT use unregistered names.
  2134. 4.5 Additional Implementation Issues
  2135. 4.5.1 Minimum Implementation
  2136. In order to make SMTP workable, the following minimum implementation
  2137. is required for all receivers. The following commands MUST be
  2138. supported to conform to this specification:
  2139. EHLO
  2140. HELO
  2141. MAIL
  2142. RCPT
  2143. DATA
  2144. RSET
  2145. NOOP
  2146. QUIT
  2147. VRFY
  2148. Any system that includes an SMTP server supporting mail relaying or
  2149. delivery MUST support the reserved mailbox "postmaster" as a case-
  2150. insensitive local name. This postmaster address is not strictly
  2151. necessary if the server always returns 554 on connection opening (as
  2152. described in section 3.1). The requirement to accept mail for
  2153. postmaster implies that RCPT commands which specify a mailbox for
  2154. postmaster at any of the domains for which the SMTP server provides
  2155. mail service, as well as the special case of "RCPT TO:<Postmaster>"
  2156. (with no domain specification), MUST be supported.
  2157. SMTP systems are expected to make every reasonable effort to accept
  2158. mail directed to Postmaster from any other system on the Internet.
  2159. In extreme cases --such as to contain a denial of service attack or
  2160. other breach of security-- an SMTP server may block mail directed to
  2161. Postmaster. However, such arrangements SHOULD be narrowly tailored
  2162. so as to avoid blocking messages which are not part of such attacks.
  2163. 4.5.2 Transparency
  2164. Without some provision for data transparency, the character sequence
  2165. "<CRLF>.<CRLF>" ends the mail text and cannot be sent by the user.
  2166. In general, users are not aware of such "forbidden" sequences. To
  2167. Klensin Standards Track [Page 53]
  2168. RFC 2821 Simple Mail Transfer Protocol April 2001
  2169. allow all user composed text to be transmitted transparently, the
  2170. following procedures are used:
  2171. - Before sending a line of mail text, the SMTP client checks the
  2172. first character of the line. If it is a period, one additional
  2173. period is inserted at the beginning of the line.
  2174. - When a line of mail text is received by the SMTP server, it checks
  2175. the line. If the line is composed of a single period, it is
  2176. treated as the end of mail indicator. If the first character is a
  2177. period and there are other characters on the line, the first
  2178. character is deleted.
  2179. The mail data may contain any of the 128 ASCII characters. All
  2180. characters are to be delivered to the recipient's mailbox, including
  2181. spaces, vertical and horizontal tabs, and other control characters.
  2182. If the transmission channel provides an 8-bit byte (octet) data
  2183. stream, the 7-bit ASCII codes are transmitted right justified in the
  2184. octets, with the high order bits cleared to zero. See 3.7 for
  2185. special treatment of these conditions in SMTP systems serving a relay
  2186. function.
  2187. In some systems it may be necessary to transform the data as it is
  2188. received and stored. This may be necessary for hosts that use a
  2189. different character set than ASCII as their local character set, that
  2190. store data in records rather than strings, or which use special
  2191. character sequences as delimiters inside mailboxes. If such
  2192. transformations are necessary, they MUST be reversible, especially if
  2193. they are applied to mail being relayed.
  2194. 4.5.3 Sizes and Timeouts
  2195. 4.5.3.1 Size limits and minimums
  2196. There are several objects that have required minimum/maximum sizes.
  2197. Every implementation MUST be able to receive objects of at least
  2198. these sizes. Objects larger than these sizes SHOULD be avoided when
  2199. possible. However, some Internet mail constructs such as encoded
  2200. X.400 addresses [16] will often require larger objects: clients MAY
  2201. attempt to transmit these, but MUST be prepared for a server to
  2202. reject them if they cannot be handled by it. To the maximum extent
  2203. possible, implementation techniques which impose no limits on the
  2204. length of these objects should be used.
  2205. local-part
  2206. The maximum total length of a user name or other local-part is 64
  2207. characters.
  2208. Klensin Standards Track [Page 54]
  2209. RFC 2821 Simple Mail Transfer Protocol April 2001
  2210. domain
  2211. The maximum total length of a domain name or number is 255
  2212. characters.
  2213. path
  2214. The maximum total length of a reverse-path or forward-path is 256
  2215. characters (including the punctuation and element separators).
  2216. command line
  2217. The maximum total length of a command line including the command
  2218. word and the <CRLF> is 512 characters. SMTP extensions may be
  2219. used to increase this limit.
  2220. reply line
  2221. The maximum total length of a reply line including the reply code
  2222. and the <CRLF> is 512 characters. More information may be
  2223. conveyed through multiple-line replies.
  2224. text line
  2225. The maximum total length of a text line including the <CRLF> is
  2226. 1000 characters (not counting the leading dot duplicated for
  2227. transparency). This number may be increased by the use of SMTP
  2228. Service Extensions.
  2229. message content
  2230. The maximum total length of a message content (including any
  2231. message headers as well as the message body) MUST BE at least 64K
  2232. octets. Since the introduction of Internet standards for
  2233. multimedia mail [12], message lengths on the Internet have grown
  2234. dramatically, and message size restrictions should be avoided if
  2235. at all possible. SMTP server systems that must impose
  2236. restrictions SHOULD implement the "SIZE" service extension [18],
  2237. and SMTP client systems that will send large messages SHOULD
  2238. utilize it when possible.
  2239. recipients buffer
  2240. The minimum total number of recipients that must be buffered is
  2241. 100 recipients. Rejection of messages (for excessive recipients)
  2242. with fewer than 100 RCPT commands is a violation of this
  2243. specification. The general principle that relaying SMTP servers
  2244. MUST NOT, and delivery SMTP servers SHOULD NOT, perform validation
  2245. tests on message headers suggests that rejecting a message based
  2246. on the total number of recipients shown in header fields is to be
  2247. discouraged. A server which imposes a limit on the number of
  2248. recipients MUST behave in an orderly fashion, such as to reject
  2249. additional addresses over its limit rather than silently
  2250. discarding addresses previously accepted. A client that needs to
  2251. Klensin Standards Track [Page 55]
  2252. RFC 2821 Simple Mail Transfer Protocol April 2001
  2253. deliver a message containing over 100 RCPT commands SHOULD be
  2254. prepared to transmit in 100-recipient "chunks" if the server
  2255. declines to accept more than 100 recipients in a single message.
  2256. Errors due to exceeding these limits may be reported by using the
  2257. reply codes. Some examples of reply codes are:
  2258. 500 Line too long.
  2259. or
  2260. 501 Path too long
  2261. or
  2262. 452 Too many recipients (see below)
  2263. or
  2264. 552 Too much mail data.
  2265. RFC 821 [30] incorrectly listed the error where an SMTP server
  2266. exhausts its implementation limit on the number of RCPT commands
  2267. ("too many recipients") as having reply code 552. The correct reply
  2268. code for this condition is 452. Clients SHOULD treat a 552 code in
  2269. this case as a temporary, rather than permanent, failure so the logic
  2270. below works.
  2271. When a conforming SMTP server encounters this condition, it has at
  2272. least 100 successful RCPT commands in its recipients buffer. If the
  2273. server is able to accept the message, then at least these 100
  2274. addresses will be removed from the SMTP client's queue. When the
  2275. client attempts retransmission of those addresses which received 452
  2276. responses, at least 100 of these will be able to fit in the SMTP
  2277. server's recipients buffer. Each retransmission attempt which is
  2278. able to deliver anything will be able to dispose of at least 100 of
  2279. these recipients.
  2280. If an SMTP server has an implementation limit on the number of RCPT
  2281. commands and this limit is exhausted, it MUST use a response code of
  2282. 452 (but the client SHOULD also be prepared for a 552, as noted
  2283. above). If the server has a configured site-policy limitation on the
  2284. number of RCPT commands, it MAY instead use a 5XX response code.
  2285. This would be most appropriate if the policy limitation was intended
  2286. to apply if the total recipient count for a particular message body
  2287. were enforced even if that message body was sent in multiple mail
  2288. transactions.
  2289. 4.5.3.2 Timeouts
  2290. An SMTP client MUST provide a timeout mechanism. It MUST use per-
  2291. command timeouts rather than somehow trying to time the entire mail
  2292. transaction. Timeouts SHOULD be easily reconfigurable, preferably
  2293. without recompiling the SMTP code. To implement this, a timer is set
  2294. Klensin Standards Track [Page 56]
  2295. RFC 2821 Simple Mail Transfer Protocol April 2001
  2296. for each SMTP command and for each buffer of the data transfer. The
  2297. latter means that the overall timeout is inherently proportional to
  2298. the size of the message.
  2299. Based on extensive experience with busy mail-relay hosts, the minimum
  2300. per-command timeout values SHOULD be as follows:
  2301. Initial 220 Message: 5 minutes
  2302. An SMTP client process needs to distinguish between a failed TCP
  2303. connection and a delay in receiving the initial 220 greeting
  2304. message. Many SMTP servers accept a TCP connection but delay
  2305. delivery of the 220 message until their system load permits more
  2306. mail to be processed.
  2307. MAIL Command: 5 minutes
  2308. RCPT Command: 5 minutes
  2309. A longer timeout is required if processing of mailing lists and
  2310. aliases is not deferred until after the message was accepted.
  2311. DATA Initiation: 2 minutes
  2312. This is while awaiting the "354 Start Input" reply to a DATA
  2313. command.
  2314. Data Block: 3 minutes
  2315. This is while awaiting the completion of each TCP SEND call
  2316. transmitting a chunk of data.
  2317. DATA Termination: 10 minutes.
  2318. This is while awaiting the "250 OK" reply. When the receiver gets
  2319. the final period terminating the message data, it typically
  2320. performs processing to deliver the message to a user mailbox. A
  2321. spurious timeout at this point would be very wasteful and would
  2322. typically result in delivery of multiple copies of the message,
  2323. since it has been successfully sent and the server has accepted
  2324. responsibility for delivery. See section 6.1 for additional
  2325. discussion.
  2326. An SMTP server SHOULD have a timeout of at least 5 minutes while it
  2327. is awaiting the next command from the sender.
  2328. 4.5.4 Retry Strategies
  2329. The common structure of a host SMTP implementation includes user
  2330. mailboxes, one or more areas for queuing messages in transit, and one
  2331. or more daemon processes for sending and receiving mail. The exact
  2332. structure will vary depending on the needs of the users on the host
  2333. Klensin Standards Track [Page 57]
  2334. RFC 2821 Simple Mail Transfer Protocol April 2001
  2335. and the number and size of mailing lists supported by the host. We
  2336. describe several optimizations that have proved helpful, particularly
  2337. for mailers supporting high traffic levels.
  2338. Any queuing strategy MUST include timeouts on all activities on a
  2339. per-command basis. A queuing strategy MUST NOT send error messages
  2340. in response to error messages under any circumstances.
  2341. 4.5.4.1 Sending Strategy
  2342. The general model for an SMTP client is one or more processes that
  2343. periodically attempt to transmit outgoing mail. In a typical system,
  2344. the program that composes a message has some method for requesting
  2345. immediate attention for a new piece of outgoing mail, while mail that
  2346. cannot be transmitted immediately MUST be queued and periodically
  2347. retried by the sender. A mail queue entry will include not only the
  2348. message itself but also the envelope information.
  2349. The sender MUST delay retrying a particular destination after one
  2350. attempt has failed. In general, the retry interval SHOULD be at
  2351. least 30 minutes; however, more sophisticated and variable strategies
  2352. will be beneficial when the SMTP client can determine the reason for
  2353. non-delivery.
  2354. Retries continue until the message is transmitted or the sender gives
  2355. up; the give-up time generally needs to be at least 4-5 days. The
  2356. parameters to the retry algorithm MUST be configurable.
  2357. A client SHOULD keep a list of hosts it cannot reach and
  2358. corresponding connection timeouts, rather than just retrying queued
  2359. mail items.
  2360. Experience suggests that failures are typically transient (the target
  2361. system or its connection has crashed), favoring a policy of two
  2362. connection attempts in the first hour the message is in the queue,
  2363. and then backing off to one every two or three hours.
  2364. The SMTP client can shorten the queuing delay in cooperation with the
  2365. SMTP server. For example, if mail is received from a particular
  2366. address, it is likely that mail queued for that host can now be sent.
  2367. Application of this principle may, in many cases, eliminate the
  2368. requirement for an explicit "send queues now" function such as ETRN
  2369. [9].
  2370. The strategy may be further modified as a result of multiple
  2371. addresses per host (see below) to optimize delivery time vs. resource
  2372. usage.
  2373. Klensin Standards Track [Page 58]
  2374. RFC 2821 Simple Mail Transfer Protocol April 2001
  2375. An SMTP client may have a large queue of messages for each
  2376. unavailable destination host. If all of these messages were retried
  2377. in every retry cycle, there would be excessive Internet overhead and
  2378. the sending system would be blocked for a long period. Note that an
  2379. SMTP client can generally determine that a delivery attempt has
  2380. failed only after a timeout of several minutes and even a one-minute
  2381. timeout per connection will result in a very large delay if retries
  2382. are repeated for dozens, or even hundreds, of queued messages to the
  2383. same host.
  2384. At the same time, SMTP clients SHOULD use great care in caching
  2385. negative responses from servers. In an extreme case, if EHLO is
  2386. issued multiple times during the same SMTP connection, different
  2387. answers may be returned by the server. More significantly, 5yz
  2388. responses to the MAIL command MUST NOT be cached.
  2389. When a mail message is to be delivered to multiple recipients, and
  2390. the SMTP server to which a copy of the message is to be sent is the
  2391. same for multiple recipients, then only one copy of the message
  2392. SHOULD be transmitted. That is, the SMTP client SHOULD use the
  2393. command sequence: MAIL, RCPT, RCPT,... RCPT, DATA instead of the
  2394. sequence: MAIL, RCPT, DATA, ..., MAIL, RCPT, DATA. However, if there
  2395. are very many addresses, a limit on the number of RCPT commands per
  2396. MAIL command MAY be imposed. Implementation of this efficiency
  2397. feature is strongly encouraged.
  2398. Similarly, to achieve timely delivery, the SMTP client MAY support
  2399. multiple concurrent outgoing mail transactions. However, some limit
  2400. may be appropriate to protect the host from devoting all its
  2401. resources to mail.
  2402. 4.5.4.2 Receiving Strategy
  2403. The SMTP server SHOULD attempt to keep a pending listen on the SMTP
  2404. port at all times. This requires the support of multiple incoming
  2405. TCP connections for SMTP. Some limit MAY be imposed but servers that
  2406. cannot handle more than one SMTP transaction at a time are not in
  2407. conformance with the intent of this specification.
  2408. As discussed above, when the SMTP server receives mail from a
  2409. particular host address, it could activate its own SMTP queuing
  2410. mechanisms to retry any mail pending for that host address.
  2411. 4.5.5 Messages with a null reverse-path
  2412. There are several types of notification messages which are required
  2413. by existing and proposed standards to be sent with a null reverse
  2414. path, namely non-delivery notifications as discussed in section 3.7,
  2415. Klensin Standards Track [Page 59]
  2416. RFC 2821 Simple Mail Transfer Protocol April 2001
  2417. other kinds of Delivery Status Notifications (DSNs) [24], and also
  2418. Message Disposition Notifications (MDNs) [10]. All of these kinds of
  2419. messages are notifications about a previous message, and they are
  2420. sent to the reverse-path of the previous mail message. (If the
  2421. delivery of such a notification message fails, that usually indicates
  2422. a problem with the mail system of the host to which the notification
  2423. message is addressed. For this reason, at some hosts the MTA is set
  2424. up to forward such failed notification messages to someone who is
  2425. able to fix problems with the mail system, e.g., via the postmaster
  2426. alias.)
  2427. All other types of messages (i.e., any message which is not required
  2428. by a standards-track RFC to have a null reverse-path) SHOULD be sent
  2429. with with a valid, non-null reverse-path.
  2430. Implementors of automated email processors should be careful to make
  2431. sure that the various kinds of messages with null reverse-path are
  2432. handled correctly, in particular such systems SHOULD NOT reply to
  2433. messages with null reverse-path.
  2434. 5. Address Resolution and Mail Handling
  2435. Once an SMTP client lexically identifies a domain to which mail will
  2436. be delivered for processing (as described in sections 3.6 and 3.7), a
  2437. DNS lookup MUST be performed to resolve the domain name [22]. The
  2438. names are expected to be fully-qualified domain names (FQDNs):
  2439. mechanisms for inferring FQDNs from partial names or local aliases
  2440. are outside of this specification and, due to a history of problems,
  2441. are generally discouraged. The lookup first attempts to locate an MX
  2442. record associated with the name. If a CNAME record is found instead,
  2443. the resulting name is processed as if it were the initial name. If
  2444. no MX records are found, but an A RR is found, the A RR is treated as
  2445. if it was associated with an implicit MX RR, with a preference of 0,
  2446. pointing to that host. If one or more MX RRs are found for a given
  2447. name, SMTP systems MUST NOT utilize any A RRs associated with that
  2448. name unless they are located using the MX RRs; the "implicit MX" rule
  2449. above applies only if there are no MX records present. If MX records
  2450. are present, but none of them are usable, this situation MUST be
  2451. reported as an error.
  2452. When the lookup succeeds, the mapping can result in a list of
  2453. alternative delivery addresses rather than a single address, because
  2454. of multiple MX records, multihoming, or both. To provide reliable
  2455. mail transmission, the SMTP client MUST be able to try (and retry)
  2456. each of the relevant addresses in this list in order, until a
  2457. delivery attempt succeeds. However, there MAY also be a configurable
  2458. limit on the number of alternate addresses that can be tried. In any
  2459. case, the SMTP client SHOULD try at least two addresses.
  2460. Klensin Standards Track [Page 60]
  2461. RFC 2821 Simple Mail Transfer Protocol April 2001
  2462. Two types of information is used to rank the host addresses: multiple
  2463. MX records, and multihomed hosts.
  2464. Multiple MX records contain a preference indication that MUST be used
  2465. in sorting (see below). Lower numbers are more preferred than higher
  2466. ones. If there are multiple destinations with the same preference
  2467. and there is no clear reason to favor one (e.g., by recognition of an
  2468. easily-reached address), then the sender-SMTP MUST randomize them to
  2469. spread the load across multiple mail exchangers for a specific
  2470. organization.
  2471. The destination host (perhaps taken from the preferred MX record) may
  2472. be multihomed, in which case the domain name resolver will return a
  2473. list of alternative IP addresses. It is the responsibility of the
  2474. domain name resolver interface to have ordered this list by
  2475. decreasing preference if necessary, and SMTP MUST try them in the
  2476. order presented.
  2477. Although the capability to try multiple alternative addresses is
  2478. required, specific installations may want to limit or disable the use
  2479. of alternative addresses. The question of whether a sender should
  2480. attempt retries using the different addresses of a multihomed host
  2481. has been controversial. The main argument for using the multiple
  2482. addresses is that it maximizes the probability of timely delivery,
  2483. and indeed sometimes the probability of any delivery; the counter-
  2484. argument is that it may result in unnecessary resource use. Note
  2485. that resource use is also strongly determined by the sending strategy
  2486. discussed in section 4.5.4.1.
  2487. If an SMTP server receives a message with a destination for which it
  2488. is a designated Mail eXchanger, it MAY relay the message (potentially
  2489. after having rewritten the MAIL FROM and/or RCPT TO addresses), make
  2490. final delivery of the message, or hand it off using some mechanism
  2491. outside the SMTP-provided transport environment. Of course, neither
  2492. of the latter require that the list of MX records be examined
  2493. further.
  2494. If it determines that it should relay the message without rewriting
  2495. the address, it MUST sort the MX records to determine candidates for
  2496. delivery. The records are first ordered by preference, with the
  2497. lowest-numbered records being most preferred. The relay host MUST
  2498. then inspect the list for any of the names or addresses by which it
  2499. might be known in mail transactions. If a matching record is found,
  2500. all records at that preference level and higher-numbered ones MUST be
  2501. discarded from consideration. If there are no records left at that
  2502. point, it is an error condition, and the message MUST be returned as
  2503. undeliverable. If records do remain, they SHOULD be tried, best
  2504. preference first, as described above.
  2505. Klensin Standards Track [Page 61]
  2506. RFC 2821 Simple Mail Transfer Protocol April 2001
  2507. 6. Problem Detection and Handling
  2508. 6.1 Reliable Delivery and Replies by Email
  2509. When the receiver-SMTP accepts a piece of mail (by sending a "250 OK"
  2510. message in response to DATA), it is accepting responsibility for
  2511. delivering or relaying the message. It must take this responsibility
  2512. seriously. It MUST NOT lose the message for frivolous reasons, such
  2513. as because the host later crashes or because of a predictable
  2514. resource shortage.
  2515. If there is a delivery failure after acceptance of a message, the
  2516. receiver-SMTP MUST formulate and mail a notification message. This
  2517. notification MUST be sent using a null ("<>") reverse path in the
  2518. envelope. The recipient of this notification MUST be the address
  2519. from the envelope return path (or the Return-Path: line). However,
  2520. if this address is null ("<>"), the receiver-SMTP MUST NOT send a
  2521. notification. Obviously, nothing in this section can or should
  2522. prohibit local decisions (i.e., as part of the same system
  2523. environment as the receiver-SMTP) to log or otherwise transmit
  2524. information about null address events locally if that is desired. If
  2525. the address is an explicit source route, it MUST be stripped down to
  2526. its final hop.
  2527. For example, suppose that an error notification must be sent for a
  2528. message that arrived with:
  2529. MAIL FROM:<@a,@b:user@d>
  2530. The notification message MUST be sent using:
  2531. RCPT TO:<user@d>
  2532. Some delivery failures after the message is accepted by SMTP will be
  2533. unavoidable. For example, it may be impossible for the receiving
  2534. SMTP server to validate all the delivery addresses in RCPT command(s)
  2535. due to a "soft" domain system error, because the target is a mailing
  2536. list (see earlier discussion of RCPT), or because the server is
  2537. acting as a relay and has no immediate access to the delivering
  2538. system.
  2539. To avoid receiving duplicate messages as the result of timeouts, a
  2540. receiver-SMTP MUST seek to minimize the time required to respond to
  2541. the final <CRLF>.<CRLF> end of data indicator. See RFC 1047 [28] for
  2542. a discussion of this problem.
  2543. Klensin Standards Track [Page 62]
  2544. RFC 2821 Simple Mail Transfer Protocol April 2001
  2545. 6.2 Loop Detection
  2546. Simple counting of the number of "Received:" headers in a message has
  2547. proven to be an effective, although rarely optimal, method of
  2548. detecting loops in mail systems. SMTP servers using this technique
  2549. SHOULD use a large rejection threshold, normally at least 100
  2550. Received entries. Whatever mechanisms are used, servers MUST contain
  2551. provisions for detecting and stopping trivial loops.
  2552. 6.3 Compensating for Irregularities
  2553. Unfortunately, variations, creative interpretations, and outright
  2554. violations of Internet mail protocols do occur; some would suggest
  2555. that they occur quite frequently. The debate as to whether a well-
  2556. behaved SMTP receiver or relay should reject a malformed message,
  2557. attempt to pass it on unchanged, or attempt to repair it to increase
  2558. the odds of successful delivery (or subsequent reply) began almost
  2559. with the dawn of structured network mail and shows no signs of
  2560. abating. Advocates of rejection claim that attempted repairs are
  2561. rarely completely adequate and that rejection of bad messages is the
  2562. only way to get the offending software repaired. Advocates of
  2563. "repair" or "deliver no matter what" argue that users prefer that
  2564. mail go through it if at all possible and that there are significant
  2565. market pressures in that direction. In practice, these market
  2566. pressures may be more important to particular vendors than strict
  2567. conformance to the standards, regardless of the preference of the
  2568. actual developers.
  2569. The problems associated with ill-formed messages were exacerbated by
  2570. the introduction of the split-UA mail reading protocols [3, 26, 5,
  2571. 21]. These protocols have encouraged the use of SMTP as a posting
  2572. protocol, and SMTP servers as relay systems for these client hosts
  2573. (which are often only intermittently connected to the Internet).
  2574. Historically, many of those client machines lacked some of the
  2575. mechanisms and information assumed by SMTP (and indeed, by the mail
  2576. format protocol [7]). Some could not keep adequate track of time;
  2577. others had no concept of time zones; still others could not identify
  2578. their own names or addresses; and, of course, none could satisfy the
  2579. assumptions that underlay RFC 822's conception of authenticated
  2580. addresses.
  2581. In response to these weak SMTP clients, many SMTP systems now
  2582. complete messages that are delivered to them in incomplete or
  2583. incorrect form. This strategy is generally considered appropriate
  2584. when the server can identify or authenticate the client, and there
  2585. are prior agreements between them. By contrast, there is at best
  2586. great concern about fixes applied by a relay or delivery SMTP server
  2587. that has little or no knowledge of the user or client machine.
  2588. Klensin Standards Track [Page 63]
  2589. RFC 2821 Simple Mail Transfer Protocol April 2001
  2590. The following changes to a message being processed MAY be applied
  2591. when necessary by an originating SMTP server, or one used as the
  2592. target of SMTP as an initial posting protocol:
  2593. - Addition of a message-id field when none appears
  2594. - Addition of a date, time or time zone when none appears
  2595. - Correction of addresses to proper FQDN format
  2596. The less information the server has about the client, the less likely
  2597. these changes are to be correct and the more caution and conservatism
  2598. should be applied when considering whether or not to perform fixes
  2599. and how. These changes MUST NOT be applied by an SMTP server that
  2600. provides an intermediate relay function.
  2601. In all cases, properly-operating clients supplying correct
  2602. information are preferred to corrections by the SMTP server. In all
  2603. cases, documentation of actions performed by the servers (in trace
  2604. fields and/or header comments) is strongly encouraged.
  2605. 7. Security Considerations
  2606. 7.1 Mail Security and Spoofing
  2607. SMTP mail is inherently insecure in that it is feasible for even
  2608. fairly casual users to negotiate directly with receiving and relaying
  2609. SMTP servers and create messages that will trick a naive recipient
  2610. into believing that they came from somewhere else. Constructing such
  2611. a message so that the "spoofed" behavior cannot be detected by an
  2612. expert is somewhat more difficult, but not sufficiently so as to be a
  2613. deterrent to someone who is determined and knowledgeable.
  2614. Consequently, as knowledge of Internet mail increases, so does the
  2615. knowledge that SMTP mail inherently cannot be authenticated, or
  2616. integrity checks provided, at the transport level. Real mail
  2617. security lies only in end-to-end methods involving the message
  2618. bodies, such as those which use digital signatures (see [14] and,
  2619. e.g., PGP [4] or S/MIME [31]).
  2620. Various protocol extensions and configuration options that provide
  2621. authentication at the transport level (e.g., from an SMTP client to
  2622. an SMTP server) improve somewhat on the traditional situation
  2623. described above. However, unless they are accompanied by careful
  2624. handoffs of responsibility in a carefully-designed trust environment,
  2625. they remain inherently weaker than end-to-end mechanisms which use
  2626. digitally signed messages rather than depending on the integrity of
  2627. the transport system.
  2628. Klensin Standards Track [Page 64]
  2629. RFC 2821 Simple Mail Transfer Protocol April 2001
  2630. Efforts to make it more difficult for users to set envelope return
  2631. path and header "From" fields to point to valid addresses other than
  2632. their own are largely misguided: they frustrate legitimate
  2633. applications in which mail is sent by one user on behalf of another
  2634. or in which error (or normal) replies should be directed to a special
  2635. address. (Systems that provide convenient ways for users to alter
  2636. these fields on a per-message basis should attempt to establish a
  2637. primary and permanent mailbox address for the user so that Sender
  2638. fields within the message data can be generated sensibly.)
  2639. This specification does not further address the authentication issues
  2640. associated with SMTP other than to advocate that useful functionality
  2641. not be disabled in the hope of providing some small margin of
  2642. protection against an ignorant user who is trying to fake mail.
  2643. 7.2 "Blind" Copies
  2644. Addresses that do not appear in the message headers may appear in the
  2645. RCPT commands to an SMTP server for a number of reasons. The two
  2646. most common involve the use of a mailing address as a "list exploder"
  2647. (a single address that resolves into multiple addresses) and the
  2648. appearance of "blind copies". Especially when more than one RCPT
  2649. command is present, and in order to avoid defeating some of the
  2650. purpose of these mechanisms, SMTP clients and servers SHOULD NOT copy
  2651. the full set of RCPT command arguments into the headers, either as
  2652. part of trace headers or as informational or private-extension
  2653. headers. Since this rule is often violated in practice, and cannot
  2654. be enforced, sending SMTP systems that are aware of "bcc" use MAY
  2655. find it helpful to send each blind copy as a separate message
  2656. transaction containing only a single RCPT command.
  2657. There is no inherent relationship between either "reverse" (from
  2658. MAIL, SAML, etc., commands) or "forward" (RCPT) addresses in the SMTP
  2659. transaction ("envelope") and the addresses in the headers. Receiving
  2660. systems SHOULD NOT attempt to deduce such relationships and use them
  2661. to alter the headers of the message for delivery. The popular
  2662. "Apparently-to" header is a violation of this principle as well as a
  2663. common source of unintended information disclosure and SHOULD NOT be
  2664. used.
  2665. 7.3 VRFY, EXPN, and Security
  2666. As discussed in section 3.5, individual sites may want to disable
  2667. either or both of VRFY or EXPN for security reasons. As a corollary
  2668. to the above, implementations that permit this MUST NOT appear to
  2669. have verified addresses that are not, in fact, verified. If a site
  2670. Klensin Standards Track [Page 65]
  2671. RFC 2821 Simple Mail Transfer Protocol April 2001
  2672. disables these commands for security reasons, the SMTP server MUST
  2673. return a 252 response, rather than a code that could be confused with
  2674. successful or unsuccessful verification.
  2675. Returning a 250 reply code with the address listed in the VRFY
  2676. command after having checked it only for syntax violates this rule.
  2677. Of course, an implementation that "supports" VRFY by always returning
  2678. 550 whether or not the address is valid is equally not in
  2679. conformance.
  2680. Within the last few years, the contents of mailing lists have become
  2681. popular as an address information source for so-called "spammers."
  2682. The use of EXPN to "harvest" addresses has increased as list
  2683. administrators have installed protections against inappropriate uses
  2684. of the lists themselves. Implementations SHOULD still provide
  2685. support for EXPN, but sites SHOULD carefully evaluate the tradeoffs.
  2686. As authentication mechanisms are introduced into SMTP, some sites may
  2687. choose to make EXPN available only to authenticated requestors.
  2688. 7.4 Information Disclosure in Announcements
  2689. There has been an ongoing debate about the tradeoffs between the
  2690. debugging advantages of announcing server type and version (and,
  2691. sometimes, even server domain name) in the greeting response or in
  2692. response to the HELP command and the disadvantages of exposing
  2693. information that might be useful in a potential hostile attack. The
  2694. utility of the debugging information is beyond doubt. Those who
  2695. argue for making it available point out that it is far better to
  2696. actually secure an SMTP server rather than hope that trying to
  2697. conceal known vulnerabilities by hiding the server's precise identity
  2698. will provide more protection. Sites are encouraged to evaluate the
  2699. tradeoff with that issue in mind; implementations are strongly
  2700. encouraged to minimally provide for making type and version
  2701. information available in some way to other network hosts.
  2702. 7.5 Information Disclosure in Trace Fields
  2703. In some circumstances, such as when mail originates from within a LAN
  2704. whose hosts are not directly on the public Internet, trace
  2705. ("Received") fields produced in conformance with this specification
  2706. may disclose host names and similar information that would not
  2707. normally be available. This ordinarily does not pose a problem, but
  2708. sites with special concerns about name disclosure should be aware of
  2709. it. Also, the optional FOR clause should be supplied with caution or
  2710. not at all when multiple recipients are involved lest it
  2711. inadvertently disclose the identities of "blind copy" recipients to
  2712. others.
  2713. Klensin Standards Track [Page 66]
  2714. RFC 2821 Simple Mail Transfer Protocol April 2001
  2715. 7.6 Information Disclosure in Message Forwarding
  2716. As discussed in section 3.4, use of the 251 or 551 reply codes to
  2717. identify the replacement address associated with a mailbox may
  2718. inadvertently disclose sensitive information. Sites that are
  2719. concerned about those issues should ensure that they select and
  2720. configure servers appropriately.
  2721. 7.7 Scope of Operation of SMTP Servers
  2722. It is a well-established principle that an SMTP server may refuse to
  2723. accept mail for any operational or technical reason that makes sense
  2724. to the site providing the server. However, cooperation among sites
  2725. and installations makes the Internet possible. If sites take
  2726. excessive advantage of the right to reject traffic, the ubiquity of
  2727. email availability (one of the strengths of the Internet) will be
  2728. threatened; considerable care should be taken and balance maintained
  2729. if a site decides to be selective about the traffic it will accept
  2730. and process.
  2731. In recent years, use of the relay function through arbitrary sites
  2732. has been used as part of hostile efforts to hide the actual origins
  2733. of mail. Some sites have decided to limit the use of the relay
  2734. function to known or identifiable sources, and implementations SHOULD
  2735. provide the capability to perform this type of filtering. When mail
  2736. is rejected for these or other policy reasons, a 550 code SHOULD be
  2737. used in response to EHLO, MAIL, or RCPT as appropriate.
  2738. 8. IANA Considerations
  2739. IANA will maintain three registries in support of this specification.
  2740. The first consists of SMTP service extensions with the associated
  2741. keywords, and, as needed, parameters and verbs. As specified in
  2742. section 2.2.2, no entry may be made in this registry that starts in
  2743. an "X". Entries may be made only for service extensions (and
  2744. associated keywords, parameters, or verbs) that are defined in
  2745. standards-track or experimental RFCs specifically approved by the
  2746. IESG for this purpose.
  2747. The second registry consists of "tags" that identify forms of domain
  2748. literals other than those for IPv4 addresses (specified in RFC 821
  2749. and in this document) and IPv6 addresses (specified in this
  2750. document). Additional literal types require standardization before
  2751. being used; none are anticipated at this time.
  2752. The third, established by RFC 821 and renewed by this specification,
  2753. is a registry of link and protocol identifiers to be used with the
  2754. "via" and "with" subclauses of the time stamp ("Received: header")
  2755. Klensin Standards Track [Page 67]
  2756. RFC 2821 Simple Mail Transfer Protocol April 2001
  2757. described in section 4.4. Link and protocol identifiers in addition
  2758. to those specified in this document may be registered only by
  2759. standardization or by way of an RFC-documented, IESG-approved,
  2760. Experimental protocol extension.
  2761. 9. References
  2762. [1] American National Standards Institute (formerly United States of
  2763. America Standards Institute), X3.4, 1968, "USA Code for
  2764. Information Interchange". ANSI X3.4-1968 has been replaced by
  2765. newer versions with slight modifications, but the 1968 version
  2766. remains definitive for the Internet.
  2767. [2] Braden, R., "Requirements for Internet hosts - application and
  2768. support", STD 3, RFC 1123, October 1989.
  2769. [3] Butler, M., Chase, D., Goldberger, J., Postel, J. and J.
  2770. Reynolds, "Post Office Protocol - version 2", RFC 937, February
  2771. 1985.
  2772. [4] Callas, J., Donnerhacke, L., Finney, H. and R. Thayer, "OpenPGP
  2773. Message Format", RFC 2440, November 1998.
  2774. [5] Crispin, M., "Interactive Mail Access Protocol - Version 2", RFC
  2775. 1176, August 1990.
  2776. [6] Crispin, M., "Internet Message Access Protocol - Version 4", RFC
  2777. 2060, December 1996.
  2778. [7] Crocker, D., "Standard for the Format of ARPA Internet Text
  2779. Messages", RFC 822, August 1982.
  2780. [8] Crocker, D. and P. Overell, Eds., "Augmented BNF for Syntax
  2781. Specifications: ABNF", RFC 2234, November 1997.
  2782. [9] De Winter, J., "SMTP Service Extension for Remote Message Queue
  2783. Starting", RFC 1985, August 1996.
  2784. [10] Fajman, R., "An Extensible Message Format for Message
  2785. Disposition Notifications", RFC 2298, March 1998.
  2786. [11] Freed, N, "Behavior of and Requirements for Internet Firewalls",
  2787. RFC 2979, October 2000.
  2788. [12] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
  2789. Extensions (MIME) Part One: Format of Internet Message Bodies",
  2790. RFC 2045, December 1996.
  2791. Klensin Standards Track [Page 68]
  2792. RFC 2821 Simple Mail Transfer Protocol April 2001
  2793. [13] Freed, N., "SMTP Service Extension for Command Pipelining", RFC
  2794. 2920, September 2000.
  2795. [14] Galvin, J., Murphy, S., Crocker, S. and N. Freed, "Security
  2796. Multiparts for MIME: Multipart/Signed and Multipart/Encrypted",
  2797. RFC 1847, October 1995.
  2798. [15] Gellens, R. and J. Klensin, "Message Submission", RFC 2476,
  2799. December 1998.
  2800. [16] Kille, S., "Mapping between X.400 and RFC822/MIME", RFC 2156,
  2801. January 1998.
  2802. [17] Hinden, R and S. Deering, Eds. "IP Version 6 Addressing
  2803. Architecture", RFC 2373, July 1998.
  2804. [18] Klensin, J., Freed, N. and K. Moore, "SMTP Service Extension for
  2805. Message Size Declaration", STD 10, RFC 1870, November 1995.
  2806. [19] Klensin, J., Freed, N., Rose, M., Stefferud, E. and D. Crocker,
  2807. "SMTP Service Extensions", STD 10, RFC 1869, November 1995.
  2808. [20] Klensin, J., Freed, N., Rose, M., Stefferud, E. and D. Crocker,
  2809. "SMTP Service Extension for 8bit-MIMEtransport", RFC 1652, July
  2810. 1994.
  2811. [21] Lambert, M., "PCMAIL: A distributed mail system for personal
  2812. computers", RFC 1056, July 1988.
  2813. [22] Mockapetris, P., "Domain names - implementation and
  2814. specification", STD 13, RFC 1035, November 1987.
  2815. Mockapetris, P., "Domain names - concepts and facilities", STD
  2816. 13, RFC 1034, November 1987.
  2817. [23] Moore, K., "MIME (Multipurpose Internet Mail Extensions) Part
  2818. Three: Message Header Extensions for Non-ASCII Text", RFC 2047,
  2819. December 1996.
  2820. [24] Moore, K., "SMTP Service Extension for Delivery Status
  2821. Notifications", RFC 1891, January 1996.
  2822. [25] Moore, K., and G. Vaudreuil, "An Extensible Message Format for
  2823. Delivery Status Notifications", RFC 1894, January 1996.
  2824. [26] Myers, J. and M. Rose, "Post Office Protocol - Version 3", STD
  2825. 53, RFC 1939, May 1996.
  2826. Klensin Standards Track [Page 69]
  2827. RFC 2821 Simple Mail Transfer Protocol April 2001
  2828. [27] Partridge, C., "Mail routing and the domain system", RFC 974,
  2829. January 1986.
  2830. [28] Partridge, C., "Duplicate messages and SMTP", RFC 1047, February
  2831. 1988.
  2832. [29] Postel, J., ed., "Transmission Control Protocol - DARPA Internet
  2833. Program Protocol Specification", STD 7, RFC 793, September 1981.
  2834. [30] Postel, J., "Simple Mail Transfer Protocol", RFC 821, August
  2835. 1982.
  2836. [31] Ramsdell, B., Ed., "S/MIME Version 3 Message Specification", RFC
  2837. 2633, June 1999.
  2838. [32] Resnick, P., Ed., "Internet Message Format", RFC 2822, April
  2839. 2001.
  2840. [33] Vaudreuil, G., "SMTP Service Extensions for Transmission of
  2841. Large and Binary MIME Messages", RFC 1830, August 1995.
  2842. [34] Vaudreuil, G., "Enhanced Mail System Status Codes", RFC 1893,
  2843. January 1996.
  2844. 10. Editor's Address
  2845. John C. Klensin
  2846. AT&T Laboratories
  2847. 99 Bedford St
  2848. Boston, MA 02111 USA
  2849. Phone: 617-574-3076
  2850. EMail: klensin@research.att.com
  2851. 11. Acknowledgments
  2852. Many people worked long and hard on the many iterations of this
  2853. document. There was wide-ranging debate in the IETF DRUMS Working
  2854. Group, both on its mailing list and in face to face discussions,
  2855. about many technical issues and the role of a revised standard for
  2856. Internet mail transport, and many contributors helped form the
  2857. wording in this specification. The hundreds of participants in the
  2858. many discussions since RFC 821 was produced are too numerous to
  2859. mention, but they all helped this document become what it is.
  2860. Klensin Standards Track [Page 70]
  2861. RFC 2821 Simple Mail Transfer Protocol April 2001
  2862. APPENDICES
  2863. A. TCP Transport Service
  2864. The TCP connection supports the transmission of 8-bit bytes. The
  2865. SMTP data is 7-bit ASCII characters. Each character is transmitted
  2866. as an 8-bit byte with the high-order bit cleared to zero. Service
  2867. extensions may modify this rule to permit transmission of full 8-bit
  2868. data bytes as part of the message body, but not in SMTP commands or
  2869. responses.
  2870. B. Generating SMTP Commands from RFC 822 Headers
  2871. Some systems use RFC 822 headers (only) in a mail submission
  2872. protocol, or otherwise generate SMTP commands from RFC 822 headers
  2873. when such a message is handed to an MTA from a UA. While the MTA-UA
  2874. protocol is a private matter, not covered by any Internet Standard,
  2875. there are problems with this approach. For example, there have been
  2876. repeated problems with proper handling of "bcc" copies and
  2877. redistribution lists when information that conceptually belongs to a
  2878. mail envelopes is not separated early in processing from header
  2879. information (and kept separate).
  2880. It is recommended that the UA provide its initial ("submission
  2881. client") MTA with an envelope separate from the message itself.
  2882. However, if the envelope is not supplied, SMTP commands SHOULD be
  2883. generated as follows:
  2884. 1. Each recipient address from a TO, CC, or BCC header field SHOULD
  2885. be copied to a RCPT command (generating multiple message copies if
  2886. that is required for queuing or delivery). This includes any
  2887. addresses listed in a RFC 822 "group". Any BCC fields SHOULD then
  2888. be removed from the headers. Once this process is completed, the
  2889. remaining headers SHOULD be checked to verify that at least one
  2890. To:, Cc:, or Bcc: header remains. If none do, then a bcc: header
  2891. with no additional information SHOULD be inserted as specified in
  2892. [32].
  2893. 2. The return address in the MAIL command SHOULD, if possible, be
  2894. derived from the system's identity for the submitting (local)
  2895. user, and the "From:" header field otherwise. If there is a
  2896. system identity available, it SHOULD also be copied to the Sender
  2897. header field if it is different from the address in the From
  2898. header field. (Any Sender field that was already there SHOULD be
  2899. removed.) Systems may provide a way for submitters to override
  2900. the envelope return address, but may want to restrict its use to
  2901. privileged users. This will not prevent mail forgery, but may
  2902. lessen its incidence; see section 7.1.
  2903. Klensin Standards Track [Page 71]
  2904. RFC 2821 Simple Mail Transfer Protocol April 2001
  2905. When an MTA is being used in this way, it bears responsibility for
  2906. ensuring that the message being transmitted is valid. The mechanisms
  2907. for checking that validity, and for handling (or returning) messages
  2908. that are not valid at the time of arrival, are part of the MUA-MTA
  2909. interface and not covered by this specification.
  2910. A submission protocol based on Standard RFC 822 information alone
  2911. MUST NOT be used to gateway a message from a foreign (non-SMTP) mail
  2912. system into an SMTP environment. Additional information to construct
  2913. an envelope must come from some source in the other environment,
  2914. whether supplemental headers or the foreign system's envelope.
  2915. Attempts to gateway messages using only their header "to" and "cc"
  2916. fields have repeatedly caused mail loops and other behavior adverse
  2917. to the proper functioning of the Internet mail environment. These
  2918. problems have been especially common when the message originates from
  2919. an Internet mailing list and is distributed into the foreign
  2920. environment using envelope information. When these messages are then
  2921. processed by a header-only remailer, loops back to the Internet
  2922. environment (and the mailing list) are almost inevitable.
  2923. C. Source Routes
  2924. Historically, the <reverse-path> was a reverse source routing list of
  2925. hosts and a source mailbox. The first host in the <reverse-path>
  2926. SHOULD be the host sending the MAIL command. Similarly, the
  2927. <forward-path> may be a source routing lists of hosts and a
  2928. destination mailbox. However, in general, the <forward-path> SHOULD
  2929. contain only a mailbox and domain name, relying on the domain name
  2930. system to supply routing information if required. The use of source
  2931. routes is deprecated; while servers MUST be prepared to receive and
  2932. handle them as discussed in section 3.3 and F.2, clients SHOULD NOT
  2933. transmit them and this section was included only to provide context.
  2934. For relay purposes, the forward-path may be a source route of the
  2935. form "@ONE,@TWO:JOE@THREE", where ONE, TWO, and THREE MUST BE fully-
  2936. qualified domain names. This form is used to emphasize the
  2937. distinction between an address and a route. The mailbox is an
  2938. absolute address, and the route is information about how to get
  2939. there. The two concepts should not be confused.
  2940. If source routes are used, RFC 821 and the text below should be
  2941. consulted for the mechanisms for constructing and updating the
  2942. forward- and reverse-paths.
  2943. Klensin Standards Track [Page 72]
  2944. RFC 2821 Simple Mail Transfer Protocol April 2001
  2945. The SMTP server transforms the command arguments by moving its own
  2946. identifier (its domain name or that of any domain for which it is
  2947. acting as a mail exchanger), if it appears, from the forward-path to
  2948. the beginning of the reverse-path.
  2949. Notice that the forward-path and reverse-path appear in the SMTP
  2950. commands and replies, but not necessarily in the message. That is,
  2951. there is no need for these paths and especially this syntax to appear
  2952. in the "To:" , "From:", "CC:", etc. fields of the message header.
  2953. Conversely, SMTP servers MUST NOT derive final message delivery
  2954. information from message header fields.
  2955. When the list of hosts is present, it is a "reverse" source route and
  2956. indicates that the mail was relayed through each host on the list
  2957. (the first host in the list was the most recent relay). This list is
  2958. used as a source route to return non-delivery notices to the sender.
  2959. As each relay host adds itself to the beginning of the list, it MUST
  2960. use its name as known in the transport environment to which it is
  2961. relaying the mail rather than that of the transport environment from
  2962. which the mail came (if they are different).
  2963. D. Scenarios
  2964. This section presents complete scenarios of several types of SMTP
  2965. sessions. In the examples, "C:" indicates what is said by the SMTP
  2966. client, and "S:" indicates what is said by the SMTP server.
  2967. D.1 A Typical SMTP Transaction Scenario
  2968. This SMTP example shows mail sent by Smith at host bar.com, to Jones,
  2969. Green, and Brown at host foo.com. Here we assume that host bar.com
  2970. contacts host foo.com directly. The mail is accepted for Jones and
  2971. Brown. Green does not have a mailbox at host foo.com.
  2972. S: 220 foo.com Simple Mail Transfer Service Ready
  2973. C: EHLO bar.com
  2974. S: 250-foo.com greets bar.com
  2975. S: 250-8BITMIME
  2976. S: 250-SIZE
  2977. S: 250-DSN
  2978. S: 250 HELP
  2979. C: MAIL FROM:<Smith@bar.com>
  2980. S: 250 OK
  2981. C: RCPT TO:<Jones@foo.com>
  2982. S: 250 OK
  2983. C: RCPT TO:<Green@foo.com>
  2984. S: 550 No such user here
  2985. C: RCPT TO:<Brown@foo.com>
  2986. Klensin Standards Track [Page 73]
  2987. RFC 2821 Simple Mail Transfer Protocol April 2001
  2988. S: 250 OK
  2989. C: DATA
  2990. S: 354 Start mail input; end with <CRLF>.<CRLF>
  2991. C: Blah blah blah...
  2992. C: ...etc. etc. etc.
  2993. C: .
  2994. S: 250 OK
  2995. C: QUIT
  2996. S: 221 foo.com Service closing transmission channel
  2997. D.2 Aborted SMTP Transaction Scenario
  2998. S: 220 foo.com Simple Mail Transfer Service Ready
  2999. C: EHLO bar.com
  3000. S: 250-foo.com greets bar.com
  3001. S: 250-8BITMIME
  3002. S: 250-SIZE
  3003. S: 250-DSN
  3004. S: 250 HELP
  3005. C: MAIL FROM:<Smith@bar.com>
  3006. S: 250 OK
  3007. C: RCPT TO:<Jones@foo.com>
  3008. S: 250 OK
  3009. C: RCPT TO:<Green@foo.com>
  3010. S: 550 No such user here
  3011. C: RSET
  3012. S: 250 OK
  3013. C: QUIT
  3014. S: 221 foo.com Service closing transmission channel
  3015. D.3 Relayed Mail Scenario
  3016. Step 1 -- Source Host to Relay Host
  3017. S: 220 foo.com Simple Mail Transfer Service Ready
  3018. C: EHLO bar.com
  3019. S: 250-foo.com greets bar.com
  3020. S: 250-8BITMIME
  3021. S: 250-SIZE
  3022. S: 250-DSN
  3023. S: 250 HELP
  3024. C: MAIL FROM:<JQP@bar.com>
  3025. S: 250 OK
  3026. C: RCPT TO:<@foo.com:Jones@XYZ.COM>
  3027. S: 250 OK
  3028. C: DATA
  3029. S: 354 Start mail input; end with <CRLF>.<CRLF>
  3030. C: Date: Thu, 21 May 1998 05:33:29 -0700
  3031. Klensin Standards Track [Page 74]
  3032. RFC 2821 Simple Mail Transfer Protocol April 2001
  3033. C: From: John Q. Public <JQP@bar.com>
  3034. C: Subject: The Next Meeting of the Board
  3035. C: To: Jones@xyz.com
  3036. C:
  3037. C: Bill:
  3038. C: The next meeting of the board of directors will be
  3039. C: on Tuesday.
  3040. C: John.
  3041. C: .
  3042. S: 250 OK
  3043. C: QUIT
  3044. S: 221 foo.com Service closing transmission channel
  3045. Step 2 -- Relay Host to Destination Host
  3046. S: 220 xyz.com Simple Mail Transfer Service Ready
  3047. C: EHLO foo.com
  3048. S: 250 xyz.com is on the air
  3049. C: MAIL FROM:<@foo.com:JQP@bar.com>
  3050. S: 250 OK
  3051. C: RCPT TO:<Jones@XYZ.COM>
  3052. S: 250 OK
  3053. C: DATA
  3054. S: 354 Start mail input; end with <CRLF>.<CRLF>
  3055. C: Received: from bar.com by foo.com ; Thu, 21 May 1998
  3056. C: 05:33:29 -0700
  3057. C: Date: Thu, 21 May 1998 05:33:22 -0700
  3058. C: From: John Q. Public <JQP@bar.com>
  3059. C: Subject: The Next Meeting of the Board
  3060. C: To: Jones@xyz.com
  3061. C:
  3062. C: Bill:
  3063. C: The next meeting of the board of directors will be
  3064. C: on Tuesday.
  3065. C: John.
  3066. C: .
  3067. S: 250 OK
  3068. C: QUIT
  3069. S: 221 foo.com Service closing transmission channel
  3070. D.4 Verifying and Sending Scenario
  3071. S: 220 foo.com Simple Mail Transfer Service Ready
  3072. C: EHLO bar.com
  3073. S: 250-foo.com greets bar.com
  3074. S: 250-8BITMIME
  3075. S: 250-SIZE
  3076. S: 250-DSN
  3077. Klensin Standards Track [Page 75]
  3078. RFC 2821 Simple Mail Transfer Protocol April 2001
  3079. S: 250-VRFY
  3080. S: 250 HELP
  3081. C: VRFY Crispin
  3082. S: 250 Mark Crispin <Admin.MRC@foo.com>
  3083. C: SEND FROM:<EAK@bar.com>
  3084. S: 250 OK
  3085. C: RCPT TO:<Admin.MRC@foo.com>
  3086. S: 250 OK
  3087. C: DATA
  3088. S: 354 Start mail input; end with <CRLF>.<CRLF>
  3089. C: Blah blah blah...
  3090. C: ...etc. etc. etc.
  3091. C: .
  3092. S: 250 OK
  3093. C: QUIT
  3094. S: 221 foo.com Service closing transmission channel
  3095. E. Other Gateway Issues
  3096. In general, gateways between the Internet and other mail systems
  3097. SHOULD attempt to preserve any layering semantics across the
  3098. boundaries between the two mail systems involved. Gateway-
  3099. translation approaches that attempt to take shortcuts by mapping,
  3100. (such as envelope information from one system to the message headers
  3101. or body of another) have generally proven to be inadequate in
  3102. important ways. Systems translating between environments that do not
  3103. support both envelopes and headers and Internet mail must be written
  3104. with the understanding that some information loss is almost
  3105. inevitable.
  3106. F. Deprecated Features of RFC 821
  3107. A few features of RFC 821 have proven to be problematic and SHOULD
  3108. NOT be used in Internet mail.
  3109. F.1 TURN
  3110. This command, described in RFC 821, raises important security issues
  3111. since, in the absence of strong authentication of the host requesting
  3112. that the client and server switch roles, it can easily be used to
  3113. divert mail from its correct destination. Its use is deprecated;
  3114. SMTP systems SHOULD NOT use it unless the server can authenticate the
  3115. client.
  3116. Klensin Standards Track [Page 76]
  3117. RFC 2821 Simple Mail Transfer Protocol April 2001
  3118. F.2 Source Routing
  3119. RFC 821 utilized the concept of explicit source routing to get mail
  3120. from one host to another via a series of relays. The requirement to
  3121. utilize source routes in regular mail traffic was eliminated by the
  3122. introduction of the domain name system "MX" record and the last
  3123. significant justification for them was eliminated by the
  3124. introduction, in RFC 1123, of a clear requirement that addresses
  3125. following an "@" must all be fully-qualified domain names.
  3126. Consequently, the only remaining justifications for the use of source
  3127. routes are support for very old SMTP clients or MUAs and in mail
  3128. system debugging. They can, however, still be useful in the latter
  3129. circumstance and for routing mail around serious, but temporary,
  3130. problems such as problems with the relevant DNS records.
  3131. SMTP servers MUST continue to accept source route syntax as specified
  3132. in the main body of this document and in RFC 1123. They MAY, if
  3133. necessary, ignore the routes and utilize only the target domain in
  3134. the address. If they do utilize the source route, the message MUST
  3135. be sent to the first domain shown in the address. In particular, a
  3136. server MUST NOT guess at shortcuts within the source route.
  3137. Clients SHOULD NOT utilize explicit source routing except under
  3138. unusual circumstances, such as debugging or potentially relaying
  3139. around firewall or mail system configuration errors.
  3140. F.3 HELO
  3141. As discussed in sections 3.1 and 4.1.1, EHLO is strongly preferred to
  3142. HELO when the server will accept the former. Servers must continue
  3143. to accept and process HELO in order to support older clients.
  3144. F.4 #-literals
  3145. RFC 821 provided for specifying an Internet address as a decimal
  3146. integer host number prefixed by a pound sign, "#". In practice, that
  3147. form has been obsolete since the introduction of TCP/IP. It is
  3148. deprecated and MUST NOT be used.
  3149. F.5 Dates and Years
  3150. When dates are inserted into messages by SMTP clients or servers
  3151. (e.g., in trace fields), four-digit years MUST BE used. Two-digit
  3152. years are deprecated; three-digit years were never permitted in the
  3153. Internet mail system.
  3154. Klensin Standards Track [Page 77]
  3155. RFC 2821 Simple Mail Transfer Protocol April 2001
  3156. F.6 Sending versus Mailing
  3157. In addition to specifying a mechanism for delivering messages to
  3158. user's mailboxes, RFC 821 provided additional, optional, commands to
  3159. deliver messages directly to the user's terminal screen. These
  3160. commands (SEND, SAML, SOML) were rarely implemented, and changes in
  3161. workstation technology and the introduction of other protocols may
  3162. have rendered them obsolete even where they are implemented.
  3163. Clients SHOULD NOT provide SEND, SAML, or SOML as services. Servers
  3164. MAY implement them. If they are implemented by servers, the
  3165. implementation model specified in RFC 821 MUST be used and the
  3166. command names MUST be published in the response to the EHLO command.
  3167. Klensin Standards Track [Page 78]
  3168. RFC 2821 Simple Mail Transfer Protocol April 2001
  3169. Full Copyright Statement
  3170. Copyright (C) The Internet Society (2001). All Rights Reserved.
  3171. This document and translations of it may be copied and furnished to
  3172. others, and derivative works that comment on or otherwise explain it
  3173. or assist in its implementation may be prepared, copied, published
  3174. and distributed, in whole or in part, without restriction of any
  3175. kind, provided that the above copyright notice and this paragraph are
  3176. included on all such copies and derivative works. However, this
  3177. document itself may not be modified in any way, such as by removing
  3178. the copyright notice or references to the Internet Society or other
  3179. Internet organizations, except as needed for the purpose of
  3180. developing Internet standards in which case the procedures for
  3181. copyrights defined in the Internet Standards process must be
  3182. followed, or as required to translate it into languages other than
  3183. English.
  3184. The limited permissions granted above are perpetual and will not be
  3185. revoked by the Internet Society or its successors or assigns.
  3186. This document and the information contained herein is provided on an
  3187. "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
  3188. TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
  3189. BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
  3190. HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
  3191. MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
  3192. Acknowledgement
  3193. Funding for the RFC Editor function is currently provided by the
  3194. Internet Society.
  3195. Klensin Standards Track [Page 79]