[ On Wed, September 10, 1997 at 12:24:01 (+0100), Philip Hazel wrote: ]
> Subject: Re: Reverse IP lookups
>
> Good point. HELO is the one place where junk may get through. In other
> places, Exim syntax checks things. So if it receives
>
> MAIL FROM: abcd@domain with spaces
>
> for example, it fails that command. Exim may not (according to the RFC)
> fail messages based on the content of the HELO. However, it could do
> something like putting the contents of the HELO into quotes if it
> contained characters other than those that may legitimately form a host
> name, namely, letters, digits, dots, and hyphens. Or, alternatively, it
> could simply ignore bad characters or convert them to some printing
> representation such as \x03 or whatever.
The HELO may be legitimately rejected even within RFC 1123's silly logic
if it is messed up somehow and breaks the hostname syntax rules, etc.
Note that HELO may have additional parameters following the hostname,
usually in the case where a domain literal IP# is supplied so as to
provide further identifying "comments".
Note also that there's no reason why a given mail site cannot violate
RFC 1123's "robustness principle" for local policy reasons and simply
reject HELO's where the greeting parameter doesn't match the peer source
address (or indeed even if the PTR name doesn't match). It might be
nice if exim supported such "hard" restrictions too for those that wish
to make more restricive policy implementations.
--
Greg A. Woods
+1 416 443-1734 VE3TCP <gwoods@???> <robohack!woods>
Planix, Inc. <woods@???>; Secrets of the Weird <woods@???>
--
* This is sent by the exim-users mailing list. To unsubscribe send a
mail with subject "unsubscribe" to exim-users-request@???
* Exim information can be found at http://www.exim.org/