Re: [exim] SMTP protocol violation?

Top Page
Delete this message
Reply to this message
Author: Peter Bowyer
Date:  
To: exim users
Subject: Re: [exim] SMTP protocol violation?
On 08/07/05, Claus Assmann <exim@???> wrote:
> On Thu, Jul 07, 2005, Randy Bush wrote:
> > 2005-07-08 08:05:52 SMTP protocol violation: synchronization error (input sent without waiting for greeting): rejected connection from H=[666.42.7.11] input="helo foux.psg.com\r\n"
>
> I'm curious: Can someone please point out which part of RFC 2821
> is violated here?
>
> 4.3.1 Sequencing Overview
> ...
> One important reply is the connection greeting. Normally, a receiver
> will send a 220 "Service ready" reply when the connection is
> completed. The sender SHOULD wait for this greeting message before
> sending any commands.
>
> This is just a SHOULD not a MUST.


Exim allows you to reject on all kinds of things that are not
necessarily mandated in an RFC. In this case, any client MTA which
doesn't wait for a greeting is at best badly coded - which indicates,
in the real world, it's either one of several breeds of spamware, or
the internal SMTP sender in a piece of hardware made by a vendor who
didn't care to implement the full protocol.

Blocking on this catches a useful amount of spam. Whitelist any wanted
senders using the technique recommended further up this thread and
you're ahead.

A recent thread on SPAM-L discussed how useful this technique is, in
conjunction with a delayed 220 banner as entrapment.

Peter

--
Peter Bowyer
Email: peter@???
Tel: +44 1296 768003
VoIP: sip:peter@???