Re: [Exim] rejected HELO ... syntactically invalid argument(…

Pàgina inicial
Delete this message
Reply to this message
Autor: Alan J. Flavell
Data:  
A: Exim users list
Assumpte: Re: [Exim] rejected HELO ... syntactically invalid argument(s)
On Wed, 17 Mar 2004, Tim Jackson wrote:

> Hi Andy, on Wed, 17 Mar 2004 10:04:19 -0500 you wrote:
>
> > rejected HELO from [200.118.112.12]: syntactically invalid argument(s):
> > IBM_A31
>
> The reason why
> you're seeing lots of log entries though is quite possibly because a lot
> of misconfigured machines will keep coming back and hammering at your door
> with unreasonable frequency if they get a 5xx error at HELO time.


Indeed; but it may be unwise to reject the HELO right there and then,
as there are still a few MTA-like objects that get confused. This has
been discussed before on the list (HINT to the original questioner ;-)

I'd recommend letting them get past the HELO and FROM stage, and
then kick them out at the RCPT stage.

In the main configuration:

helo_accept_junk_hosts = *

And then test $sender_helo_name syntax in the RCPT ACL (condition = if
match, and a suitable regex).

Bearing in mind that there may be the occasional naive sinner that
you're willing to get mail from, you possibly want to start off the
ACL recipe like this

  deny hosts = ! CONFIG_DIR/helo_accept_junk_hosts
       [...]


with a plain file containing the badly-configured hosts that you are
willing to tolerate.

The other benefit of this is that it gives such a naive sinner the
chance to contact your postmaster/abuse address when they find they're
blocked.

In this case, however, you're dealing with a compromised proxy/trojan
of some kind, I think. http://openrbl.org/#200.118.112.12