Re: [exim] syntactically invalid argument(s) - rejected HELO

Top Page
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: Exim users list
Subject: Re: [exim] syntactically invalid argument(s) - rejected HELO
On Thu, 16 Dec 2004, Tony Finch wrote:

> People have tried to use technical competence as an anti-spam
> technique, but it doesn't work because legitimate email senders are
> generally less clueful than the spammers.


I understand your point; but spammers aren't all formed from the same
mould. Or do you suppose they -deliberately- present our own IP
address in their HELO (to take one frequent example) in order to help
us to volunteer not to receive their offerings?

> A double dot in a HELO name (which Exim's built-in syntax check
> doesn't detect)


Sounds like something worth adding here too, thanks

> or a very long HELO name


Oh, you've spotted that? The addition of a recipe with

             condition = ${if >{${strlen:$sender_helo_name}}{xx} {1}{0}}


for some suitable value of xx is relatively recent here, but it's
keeping out a modest amount of junk that wasn't caught by other means.
Many of those had double-dots in them, by the way.

> This kind of signature might be technical incompetence (double dot)
> or it might just be abuse (excessive length) but the point of the
> check is that it's spammer-only behaviour,


But why do they do it? It's clearly no accident.

> and doesn't overlap with the fumblings of idiots.


Well, we don't do -any- checks on the HELO presented by our
authenticated senders, so that deals with those. But when offered a
transaction by some untrusted (and un-whitelisted) MTA, we have to
treat it on its own merits (if it has any ;-).

thanks