On Thu, 28 Aug 2003, Russell King wrote:
> On Thu, Aug 28, 2003 at 01:36:20PM +0100, Giuliano Gavazzi wrote:
> > only problem is that spammers use software which can ignore HELO/EHLO
> > errors, and last time I checked (IIRW) exim will accept the delivery
> > even after a failed HELO (at least for illegal chars).
> > If this is still true one must, also or only, reject at RCPT or DATA time.
>
> Sounds like a good reason to use "drop" rather than "deny" if you want
> to report errors at HELO/EHLO time.
OK, but that's not the only way of dealing with those who send a bad
HELO and then proceed with the mail transaction.
This goes back to an earlier version of exim4, but it still works OK:
* in the main configuration:
helo_accept_junk_hosts = *
* in the RCPT ACL:
deny condition = ${if \
or{{!def:sender_helo_name}{eq{$sender_helo_name}{}}}{yes}{no}}
message = RFCs mandate HELO/EHLO before mail can be sent.
Once again: a benefit of this is that misguided bona-fide senders can
get far enough to email the postmaster address and ask about their
problem.
(I'm not trying to say the one is absolutely right or the other is
absolutely wrong - just that there are various options to choose
from.)
cheers.
