Scott Call wrote:
> On Tue, 29 Jun 2004, Christoph Kliemt wrote:
>
>> acl_check_helo_fast:
>>
>> # No HELO/EHLO
>>
>> deny condition = ${if eq{$sender_helo_name}{}{yes}{no}}
>> message = Polite hosts say HELO first\n\
>>
>> is this called at all if there was no HELO/EHLO ?
>
> This will be called if you put it in check_mail instead of check_helo
Indeed. Moreover, if you check for this sort of thing after MAIL FROM,
you can bypass all checks if an AUTH has successfully taken place.
Also you can accept and delay by up to 5 minutes. This is a reasonable
way to tax the evil spammers--even if the the remote host is a Windows
Zombie. Hmm.. does anyone do remote OS fingerprinting in an Exim ACL?