RE: [Exim] Exchange, HELO and underscores

Etusivu
Poista viesti
Vastaa
Lähettäjä: David Moon
Päiväys:  
Vastaanottaja: 'Richard.Hall', exim-users
Aihe: RE: [Exim] Exchange, HELO and underscores
For what it's worth, I've been in touch with 4 or 5 of my mail admin
counterparts at other companies regarding the Exchange mis-configuration.

I approached them in a congenial manner and with two key points I was able
to persuade them to change their Exchange configuration:

A. The configuration change takes 1 minute.*
B. The change does not require a reboot.*
C. The change should *not* affect internal network NT name services*
D. The change is in their best interest because it makes their configuration
standards-compliant and more compatible with security conscious MTA peers.

So it's been a little more effort to communicate with the other companies,
but it's paid off so far.

* (FYI, the fix is to change the TCP/IP hostname properties in Windows NT
server 4.0)

- David

> -----Original Message-----
> From: Richard.Hall [mailto:richard.hall@ingenta.com]
> Sent: Thursday, June 26, 2003 9:50 AM
> To: exim-users@???
> Subject: [Exim] Exchange, HELO and underscores
>
>
> Yes, I know it's an old chestnut, but I still have to fight
> this battle
> occasionally. This time the opposition is resisting, and I
> need chapter
> and verse, moral support, advice, and anything else that's going.
>
> I'm running Exim 4.12 on Solaris 8. A misconfigured Exchange server is
> sending me a HELO name with an underscore in it.
>
> I used to reject at HELO time (default behaviour), but after
> investigating
> this particular sender, and following advice to others that I
> have seen on
> this list, I now have in my configuration
>
> # Many broken Exchange servers use '_' in the HELO data. If
> we reject at
> # HELO time, they very often fail to deal with the problem; plus they
> # cannot mail postmaster here (yippee!) to discuss the
> problem. So rather
> # than using acl_smtp_helo (which doesn't even exist in the version of
> # Exim I'm currently running!), we allow it through the HELO
> by specifying
>
> helo_allow_chars = _
>
> # and then check it later, in acl_smtp_rcpt, _after_ we have
> got past the
> # postmaster exception.
>
> ... and later ...
>
>   accept  local_parts   = postmaster : abuse
>           domains       = +local_domains

>
> # Now enforce the HELO checks which we skipped earlier
>
>   deny    message       = Rejected because of unacceptable syntax in \
>                           HELO/EHLO name:\n\
>                           $sender_helo_name\n\
>                           This is commonly associated with
> misconfigured mail \
>                           software;\n\
>                           see RFC2821 section 4.1.2 for legal
> domain syntax.\n\
>                           For assistance please contact
> postmaster@$domain
>           log_message   = invalid HELO syntax $sender_helo_name
>           condition     = ${if match {$sender_helo_name} {_} {1} {0}}

>
>
> In exim_rejectlog I see
>
> 2003-06-26 15:14:30 H=(iri_pdc.iriinc.org) [207.224.21.210]
> F=<xxxx@???> rejected RCPT <yyyy@???>: invalid
> HELO syntax
> iri_pdc.iriinc.org
>
> and (I assume) they got the 'message' as above, though there are
> indications that Exchange kindly failed to pass it on intact
> to the user,
> much as one would expect of Exchange :-(
>
> I now quote from the fax (yes, really) they have sent us
>
> ...
> The recipient name is not recognized  [OK, my fault for
> rejecting RCPT]
>                                       [rather than HELO, I
> guess.     ]
> ...
> 550 For assistance please contact postmaster@???

>
> Oh good, at least part of my message got through; shame they
> ignored the
> postmaster bit! It goes on (transcription errors notwithstanding) as
> follows
>
> "Hello,
>
> I was talking to my consultant yesterday who saw your e-mail
> about why I
> could not send to you and he said your message basically is
> asking us to
> change our "name" so your server can recognize it. But I
> hesitate to do
> that because you are the only one to whom I cannot send to.
> And we've had
> this "name" for a while, and I used to be able to send to you until
> recently. Changing our "name" complicates things for us.
>
> ....
> "
>
> What can I do? I can either give in (not keen), or
>
> a) quote RFC2821 section 4.1.2 at them till I'm blue in the face
> b) swear blind that nothing has changed (except that I now reject them
>    later than I used to) - but why do they claim it has
> changed recently
>    - or was it different on Exim 3, which one of my other MX's was
>    running?
> c) tell them that lots of other people would reject their
> mail - is that
>    true?
> d) tell them how to reconfigure Exchange to behave properly -
> except that
>    I don't know how - so does anyone else know how to do it?

>
>
> Any and all suggestions welcome.
>
> TIA,
> Richard Hall
>
>
> --
>
> ## List details at
> http://www.exim.org/mailman/listinfo/exim-users Exim details
> at http://www.exim.org/ ##
>




IMPORTANT NOTICES:
****************************************************************************
This message is intended only for the addressee. Please notify the sender
by email if you are not the intended recipient. If you are not the
intended recipient, you may not copy, disclose, or distribute this
message or its content to any other person and any such actions may be
unlawful. Electronic mail sent through the Internet is not secure.
WR Hambrecht + Co (WRH+Co) does not accept time sensitive, action-oriented
messages or transaction orders, including orders to purchase or sell
securities, via email.

WRH+Co reserves the right to monitor and review the content of all messages
sent to or from this email address. Messages sent to or from this email
address may be stored on the WRH+Co email system.
****************************************************************************