I have the following ACLs for acl_smtp_helo and acl_smtp_mail
respectively:
check_helo:
deny condition = ${if match{$sender_helo_name}{^.*_}{1}{0}}
message = Connection rejected. Underscores in HELO are not permitted by RFC2821.\nFix your broken mail server and try again.
accept
#!!# ACL that is used after the RCPT command
check_sender:
deny condition = ${if !def:sender_helo_name {1}{0}}
message = You must identify yourself with HELO or EHLO before sending mail.
accept
The first is because I want to give a slightly more helpful message when
presented with an underscore in a hostname, and the second is because
RFC2821 says (in §4.1.4) "A session that will contain mail transactions
MUST first be initialized by use of the EHLO command."
However, I find that my server now accepts "HELO _\nMAIL FROM:<>".
Although the HELO ACL fails, $sender_helo_name still remains set.
Obviously I can just check for the bogus underscore again in the MAIL
ACL too, but is there a way for me to clear $sender_helo_name, and
shouldn't that have happened automatically when the HELO ACL returned
'deny'?
--
dwmw2
