Re: [Exim] AOL - SPF - and EXIM

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MExim User's Mailing List at <-
MTony Finch at ->
Delete this message
Reply to this message
Author: Exim User's Mailing List
Date:  
To: Suresh Ramasubramanian
CC: Exim User's Mailing List
Subject: Re: [Exim] AOL - SPF - and EXIM
[ On Sunday, June 13, 2004 at 18:28:58 (+0530), Suresh Ramasubramanian wrote: ]
> Subject: Re: [Exim] AOL - SPF - and EXIM
>
> Well that's why our single line 5xx is "No thank you. See http://spamblock
> [blah]"

As an aside note that a single-line response makes it almost impossible
to implement any effective kind of DoS avoidance. Delaying too long
before sending the first line invites a disconnect and immediate
re-connect -- the only sure way to hold a broken client online long
enough to prevent their immediate re-connect from eating even more of
your resources is to delay a short time (e.g. less than 5 seconds)
before the first error response line you send them and then to leave the
rest of the delay (e.g. up to the RFC mandated minimum client timeout of
five minutes) until just before the last line. Note I'm talking about
DoS avoidance here, not "tar-pitting", though the longer you delay then
the more you'll be occupying the resources of the undesirable sender too.

> On Sat, Jun 12, 2004 at 03:14:46PM -0400, Greg A. Woods wrote:
> >
> > Sending a 5xx about the HELO/EHLO command
> > after each RCPT command is confusing at best and just plain stupid at
> > worst.
>
> A 5xx of that sort will lead to the smtp connection being dropped btw

Well it depends on exactly what you imply by "dropped", but no, not in
my experience it won't. What mail _servers_ have you seen drop the
connection when they get a permanent error code in response to their
greeting? Are you sure you're not just seeing the connection drop after
the EHLO attempt and then another immediate connection that starts with
a HELO?

Keep in mind we're talking about the implications of dealing with real
mail servers and legitimate senders here -- not spamware and malware.
It doesn't matter if the latter drop the connection (good riddance!).

How about we start with Exim? What does it do when it's acting as a
client-SMTP and it sees a 5xx response to its HELO? 

--
                        Greg A. Woods


+1 416 218-0098                  VE3TCP            RoboHack <woods@???>
Planix, Inc. <woods@???>          Secrets of the Weird <woods@???>



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] SMTP Logging[Exim] Re: SMTP Logging->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)