Author: Ian Eiloart Date: To: Mike Meredith, exim-users Subject: Re: [exim] Punishing malformed HELO at acl_smtp_rcpt level?
--On 10 January 2007 08:51:39 +0000 Mike Meredith
<mike.meredith@???> wrote:
> Hi
>
> Sometime around Tue, 09 Jan 2007 01:35:39 +0100, it may be that Fionn
> Behrens wrote:
>> I am not the ultimate expert but to my knowledge smtp auth takes place
>> after HELO, doesnt it? Would it be possible to set sort of a flag in
>> this case of malformed HELO and recall it later at the acl_smtp_rcpt
>
> As an alternative to the other suggestions, you could use different
> ACLs for the mta and msa ports :-
>
> acl_smtp_rcpt = check_recipient_${if eq {$interface_port}{25}
> {mta}{msa}}
>
> (I don't use acl_smtp_helo)
>
> For me, it gives a more readable ACL section if you separate the MTA
> and MSA stuff.
What about people doing message submission on port 25? The fact that you
provide port 587 for MSA doesn't mean that people are bound to use it.
We provide MSA on a different set of IP addresses. It certainly keeps our
MSA logs clear of spam rejections, cos spammers don't even attempt to
connect to our MSA server - even on port 25!