Re: [exim] Forbid HELO

Top Page
Delete this message
Reply to this message
Author: Ian Eiloart
Date:  
To: exim-users, Peter Bowyer
Subject: Re: [exim] Forbid HELO


--On 26 October 2006 09:40:30 +0100 Philip Hazel <ph10@???>
wrote:

> On Thu, 26 Oct 2006, Peter Bowyer wrote:
>
>> > 250 xxx.net Hello xxx.net [82.230.172.234]
>> >
>> > HELO is still allowed. I really would like to deny it here.
>>
>> HELO support is a required part of SMTP, as has already been
>> explained. It's not possible, and not sensible, to disallow it.
>
> Well, it is possible, though I entirely agree that it is not sensible!


I think the OP is saying that HELO on an authenticated connection would be
unexpected, and it might be useful to bar it as a precaution. Presumably
the idea is that any well written client that's authenticating is going to
use EHLO, and barring HELO might just catch out some piece of malware
(whether extant or theoretical) that's trying to crack the authentication.

I don't know off the top of my head whether it's true that the RFCs require
that a proper authenticated connection must have used EHLO.

> You can check for HELO vs EHLO in an ACL.
>
> --
> Philip Hazel            University of Cambridge Computing Service
> Get the Exim 4 book:    http://www.uit.co.uk/exim-book




--
Ian Eiloart
IT Services, University of Sussex