[Exim] Verify = helo not working in acl_smtp_helo?

Top Page
Delete this message
Reply to this message
Author: Eli
Date:  
To: exim-users
Subject: [Exim] Verify = helo not working in acl_smtp_helo?
I am trying to give a warning message to hosts who don't give a proper
helo/ehlo string, but it doesn't seem to be working and I'm stumped.

Here is my acl (and two relevant main config settings):

helo_try_verify_hosts           = *
acl_smtp_helo                   = acl_check_helo


acl_check_helo:
#       warn    message         = X-Warning-HELO: [${sender_host_address}]
provided invalid HELO/EHLO data
        warn    message         = X-Warning-HELO:
[${sender_host_address}/${host}/${host_address}] provided invalid HELO/EHLO
data
                verify          = helo
        accept



Here is what happens when I connect and give a bogus helo:

28802 SMTP<< helo testy
28802 testy in helo_lookup_domains? no (end of list)
28802 sender_fullhost = (testy) [24.157.70.246]
28802 sender_rcvhost = [24.157.70.246] (helo=testy)
28802 set_process_info: 28802 handling incoming connection from (testy)
[24.157.70.246]
28802 verifying HELO testy
28802 looking up host name for 24.157.70.246
28802 DNS lookup of 246.70.157.24.in-addr.arpa (PTR) succeeded
28802 IP address lookup yielded
cpe0050fc237b04-cm014320108112.cpe.net.cable.rogers.com
28802 gethostbyname looked up these IP addresses:
28802 name=cpe0050fc237b04-cm014320108112.cpe.net.cable.rogers.com
address=24.157.70.246
28802 checking addresses for
cpe0050fc237b04-cm014320108112.cpe.net.cable.rogers.com
28802 24.157.70.246 OK
28802 getting IP address for testy
28802 gethostbyname returned 1 (HOST_NOT_FOUND)
28802 no IP address found for host testy (during SMTP connection from
(testy) [24.157.70.246])
28802 LOG: host_lookup_failed MAIN
28802 no IP address found for host testy (during SMTP connection from
(testy) [24.157.70.246])
28802 HELO verification failed but host is in helo_try_verify_hosts
28802 using ACL "acl_check_helo"
28802 processing "warn"
28802 check verify = helo
28802 warn: condition test failed
28802 processing "accept"
28802 accept: condition test succeeded
28802 SMTP>> 250 testunix.webminders.com Hello
cpe0050fc237b04-cm014320108112.cpe.net.cable.rogers.com [24.157.70.246]


The 2 messages are there just for me to see what variables I get access to
(I'm testing stuff) :) The main thing I'm concerned about is that no
warning is being passed to my SMTP connection (I've tried deny as well, and
it never did). The accept at the end is to ensure it's accepted rather than
denied or anything after processing the helo acl - redundant, but helps me
sleep at night.

The documents say that by setting helo_try_verify_hosts it will do a check,
but won't reject on it. It also states that I can later verify the reply
using verify = helo in an ACL, which I have done, but it doesn't seem to be
working. Is it maybe that the helo_try_verify_hosts is checking the helo
string, knowing it should fail, but accepting it because of
helo_try_verify_hosts and thus is setting the final status of the check to
be true rather than false (meaning the verification process is always going
to say it passed the check)? Using Exim 4.30 by the way.

Eli.


---
[This E-mail scanned for viruses]