Re: [Exim] hiding software type & version

Página Inicial
Delete this message
Reply to this message
Autor: Philip Hazel
Data:  
Para: Nico Erfurth
CC: Dennis Davis, exim-users@exim.org
Assunto: Re: [Exim] hiding software type & version
On Mon, 23 Dec 2002, Nico Erfurth wrote:

> Exim itself checked for the ESMTP string in the banner in older versions
> (read Philip's comment in line 776 in transports/smtp.c) and used HELO if
> no ESMTP string was announced.


This was a "historical fudge" to get round the problems of old, broken
mailers. RFC 821 had always said that unknown commands should be refused
with 5xx. However, when ESMTP was first defined, it was discovered that
many badly written mailers crashed or closed the connection if a session
started with EHLO instead of HELO. Or maybe wouldn't recognize HELO
after a failed command.

To get round this, the convention evolved in the new mailers of putting
ESMTP in the banner, and only using EHLO when it was found. This allowed
time for the world to catch up with ESMTP. Exim used to do this, but
after a few years it seemed that most mailers had caught up with the new
world, and so I took it out of the client code.

> I wouldn't be surprised if some other mailers still run plain SMTP if no
> ESMTP is in the banner string.


I wouldn't either. Some things take a long time to disappear. That's why
ESMTP is still in Exim's default server banner.

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.