Author: Peter Bowyer Date: To: exim users Subject: Re: [exim] SMTP protocol violation?
On 08/07/05, Claus Assmann <exim@???> wrote: > On Thu, Jul 07, 2005, Randy Bush wrote:
> > 2005-07-08 08:05:52 SMTP protocol violation: synchronization error (input sent without waiting for greeting): rejected connection from H=[666.42.7.11] input="helo foux.psg.com\r\n"
>
> I'm curious: Can someone please point out which part of RFC 2821
> is violated here?
>
> 4.3.1 Sequencing Overview
> ...
> One important reply is the connection greeting. Normally, a receiver
> will send a 220 "Service ready" reply when the connection is
> completed. The sender SHOULD wait for this greeting message before
> sending any commands.
>
> This is just a SHOULD not a MUST.
Exim allows you to reject on all kinds of things that are not
necessarily mandated in an RFC. In this case, any client MTA which
doesn't wait for a greeting is at best badly coded - which indicates,
in the real world, it's either one of several breeds of spamware, or
the internal SMTP sender in a piece of hardware made by a vendor who
didn't care to implement the full protocol.
Blocking on this catches a useful amount of spam. Whitelist any wanted
senders using the technique recommended further up this thread and
you're ahead.
A recent thread on SPAM-L discussed how useful this technique is, in
conjunction with a delayed 220 banner as entrapment.