Re: [Exim] exim HELO ack

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Jez Hancock
Data:  
Para: Exim Users List
Assunto: Re: [Exim] exim HELO ack
On Wed, Aug 27, 2003 at 03:24:11PM -0400, Greg A. Woods wrote:
> [ On Wednesday, August 27, 2003 at 12:05:25 (+0100), Jez Hancock wrote: ]
> > Subject: Re: [Exim] exim HELO ack
> >
> > OE6 on win2k appears to send the netbios name in the HELO. On reading
> > RFC821 this doesn't appear to break any standard,
>
> Actually that is a direct and total violation of an absolute "MUST"
> requirement in RFC 1123 section 5.2.5. Note the year on RFC 1123. Note
> the fact that RFC 1123 is the core and foundation of all Internet
> requirements.
>
> All SMTP clients "MUST" use their fully qualified host domain name (or
> their literal IP address) as the parameter for the SMTP greeting command.

The only thing to do I suppose if you have OE clients connecting is to
ensure you allow [0-9a-z] HELO requests - as someone else mentioned the
sobig virus appears to use all uppercase HELO args.

I had a quick look for references to outlook and HELO on MS site and
found next to nothing (no surprise perhaps given the closed nature of
their s/w). It certainly appears though that OE certainly on the two
builds I found uses only a single string of a-z0-9 chars (the netbios
name of the machine in both my cases) - perhaps this is different for
Outlook on a domain, I don't know.

<snip>
> > and I can't justify denying or dropping clients based
> > solely on the fact that they don't use a FQDN or even an address literal
> > in their HELO/EHLO - a lot of my users use OE which appears to not adhere
> > to this anyway.
>
> Wait a minute here!
>
> 1. you don't have to force your own broken local clients to obey.

Unfortunately most of my clients are remote and I'm sure you know how
hard it can be pursuading some people to change mail clients -
especially when M$ make it so hard to export your mail from their
proprietary mbx format. Could be time to go on a crusade against OE
though :)

--
Jez

http://www.munk.nu/