[exim] Synchronisation errors with SSL

Top Page
Delete this message
Reply to this message
Author: Dave Evans
Date:  
To: exim-users
Subject: [exim] Synchronisation errors with SSL
I have a "delay = 1s" during my "connect" ACL, to detect spammy senders who
start talking before the server says hello. So far, so good. If I connect to
the server, and disconnect before the 1 second is up, the log says nothing.
Good - I'm not really interested.

However if I use a tls_on_connect port, and allow the TLS negotiation to
finish, but disconnect before the banner, the log reports a synchronisation
error. Browsing the source code, this seems to be because the code in
question is detecting that data is present on the underlying socket (not the
TLS stream). Indeed the log message shows the offending data:
input="\025\003\001" - which is TLS data.

It's no biggie, but it would be nice if the log treated a TLS "eof" condition
the same as a non-TLS one (either complain of a lost connection, or just say
nothing).

Comments?

--
Dave Evans
Power Internet

PGP key: http://powernet.co.uk/~davide/pgpkey