Re: [Exim] nessus and exim

Top Page
Delete this message
Reply to this message
Author: Lorens Kockum
Date:  
To: exim-users
Subject: Re: [Exim] nessus and exim
On Mon, Apr 03, 2000 at 05:17:41PM +0100, Philip Hazel wrote:
> On 3 Apr 2000, Lorens Kockum wrote:
> > I have transmitted your point of view to Renaud, who responded
> > that instead of a 550 for EXPN (Failure) he expected 500,
> > 501, 502, 504 (Error). Sendmail and postfix send 502. After
> > reviewing the RFC wrt exim's behaviour, he has patched nessus
> > accordingly (cvs/nessus-plugins/scripts/sendmail_expn.nasl).


I somehow forgot to quote his "exim is perfectly in sync with
the RFC" :-)

> Of course, the list in RFC 821 and in the new RFC both show the folly of
> trying to anticipate all the new circumstances that are going to arise.
> Trying to be clever with them takes the "S" out of SMTP. IMHO, of
> course.


Agreed. Looking at the patch, it seems clear that this
distinction was made was because it was necessary to see whether
the command was implemented or not, not whether the argument
was a existing mailbox, which was naturally the intent of
the RFC author. Since non-existing mailboxes give 550, and
non-implementing MTAs apparently generally return 50x, the
decision was quick.

The problem was (equally quickly :-)) solved by a specific test
for exim behaviour.

-- 
#include <std_disclaim.h>                          Lorens Kockum