[ On Saturday, June 12, 2004 at 15:07:25 (-0400), Dean Brooks wrote: ]
> Subject: Re: [Exim] AOL - SPF - and EXIM
>
> We currently reject a few HELO parameters (such as giving our own
> domain from a remote non-auth sender) at MAIL FROM.
>
> What is your opinion of this with regards to this discussion? I
> haven't noticed any problems from it, but mainly did it because
> of the issues that have been discussed...
The issues are very much the same as with rejecting at RCPT time, though
perhaps in a global sense there's a wee bit less chance for as much
confusion.
I.e. I have never witnessed nor seen any evidence whatsoever for there
being any benefit to delaying the reject _at_all_, at least not when the
client-SMTP is any true MTA (as I said all bets are off with MUA
submission implementations). It obviously works some/most of the time
for some definition of "works", but it won't work any better than simply
sending the reject right away after the HELO/EHLO command and it could
end up causing just as much confusion as delaying until RCPT time for
all the same reasons.
(Perhaps this does argue for some difference in behaviour between
handling known MUA submission clients and handling random third-party
MTAs, but I'd much rather put much more pressure on the MUA authors and
maintainers to fix their horrendously broken error-handling
implementations! :-)
--
Greg A. Woods
+1 416 218-0098 VE3TCP RoboHack <woods@???>
Planix, Inc. <woods@???> Secrets of the Weird <woods@???>