Hello Fionn,
Fionn Behrens <fionn@???> (Di 09 Jan 2007 01:35:39 CET):
>
...
>
> Unfortunately (as if I could not have guessed that) it also prevents
> some of our customers from sending mail, who use dynamic IP and shitty
> MUAs from redmond.
> I am not the ultimate expert but to my knowledge smtp auth takes place
> after HELO, doesnt it? Would it be possible to set sort of a flag in
> this case of malformed HELO and recall it later at the acl_smtp_rcpt
> level? At that point I know whether I am talking to a "foreign" mail
> server or to a properly authenticated customers client and could shut up
> the former one.
You can verify whatever you want at any time (after it is known, of
course). Thus you can verify the helo even in the DATA acl.
We've something like this:
acl_check_rcpt:
...
accept authenticated = *
require verify = helo
...
--
Heiko Schlittermann