Author: Wakko Warner Date: To: Eli CC: 'Kevin Reed', exim-users Subject: Re: [Exim] Unable to send additional 250 lines at EHLO/HELO time (via HELO ACL)
> I didn't really want to deny at helo time, since apparently denying a > connection based on their helo message is not RFC compliant (plus when
> Outlook clients and such send email, they always helo with the hostname of
> the system sending - so for me, that's just "eli"... I'd have tons of angry
> customers if I denied on illegal helos). I thought just spitting out a
> little:
If you did deny in helos, you'd have to white list. If you check for bad
EHLOs else where, you can base it on authentication.
> 250-Your greeting was not RFC2821 compliant
>
> Just before the "250 OK" reply - and then a delay after the warning message.
> It would be perfectly legal, and normal clients and such wouldn't see it
> (trying to tell a client not to use Outlook is harder than taking candy from
> a baby). Now since I can't really determine spammer from client at this
> stage, I just wanted to give a visual warning, and then when they try to
> send email and haven't authenticated, I can delay them at that time.
Exim IIRC, was not designed to give custom 2xx messages, nor was it designed
to give custom error codes. Technically, a rejection in HELO shouldn't be a
554 (or whatever itwas exim gives), but should be something like 503. (don't
quote me, I'm going off top of my head)
--
Lab tests show that use of micro$oft causes cancer in lab animals