On Fri, 2 Feb 2007, Peter Bowyer wrote:
> From: Peter Bowyer <peter@???>
> To: Exim users mailing list <exim-users@???>
> Date: Fri, 2 Feb 2007 12:45:51 +0000
> Subject: Re: [exim] A riddle: What HELO/EHLO does remote host send?
...
> Since your HELO ACL rejected the HELO, and the client didn't send
> another one, $sender_helo_name is subsequently blank. A rejection
> of the HELO simply causes the transaction to continue as though no
> HELO had been received.
>
> HELO rejection is generally better done at RCPT time, for this
> reason amongst others.
And is a cheap and effective way of getting rid of suspect
connections. My mail servers don't like HELO greetings that say the
connection is:
(1) The mail server, name or IP address.
(2) A domain handled by the mail server.
(3) Something that doesn't look like a FQDN.
(4) A selection of names, eg "localhost.localdomain".
It's effective. Among yesterday's to 50 mail rejection reasons were:
Messages Mail rejection reason
10102 Rejected RCPT: invalid HELO syntax localhost
921 Rejected RCPT: bad HELO name localhost.localdomain
405 Rejected RCPT: imposter 138.38.32.23
214 Rejected RCPT: imposter coppi.bath.ac.uk
186 Rejected RCPT: Charlatan, how can you be bath.ac.uk?
71 Rejected RCPT: Charlatan, how can you be ukoln.ac.uk?
--
Dennis Davis, BUCS, University of Bath, Bath, BA2 7AY, UK
D.H.Davis@??? Phone: +44 1225 386101
