Auteur: Renaud Allard Date: À: jwexler CC: 'exim users' Sujet: Re: [exim] Exim Restrict outgoing relay by ip address
Hello,
jwexler@??? wrote: > Bill (W.B. Hacker) - Thank you immensely. Over the last 3 days, I have been
> working on this based on the direction that you provided and appear to
> finally have finally achieved our primary security objectives (outlined in
> my initial post).
>
> It seems that the $smtp_command in the case of email for non-TLS relaying is
> of the form MAIL FROM: <> (where there is a space between the colon and the
> first "<". The address being between <>.)
> Regular inbound email that is not for relay appears to be of the form MAIL
> FROM:<> where there is no space between the colon and the first "<".
> Thus, I distinguished between the two by checking for a match on these two
> strings (i.e., whether a space exists or not).
>
> Question 1: Does anyone know if this is always the case (i.e., that a space
> is present for receipt of outbound relay email but not present for inbound
> regular email for local delivery)? I am hoping that the difference of a
> space is always the case so that they can be distinguished in this way.
> The correct syntax is always "MAIL FROM:<>" without any space.
Technically, it is a syntax error to send "MAIL FROM: <>", although it
is accepted by most MTAs.
See section 3.3 of RFC5321:
"Since it has been a common source of errors, it is worth noting that
spaces are not permitted on either side of the colon following FROM
in the MAIL command or TO in the RCPT command. "
> Question 2: Is $received_protocol always ESMTP for inbound email that is for
> local delivery and SMTPS for outgoing encrypted TLS relay email?
>
ESMTP means the connecting host used EHLO (the current default) and not
HELO.
SMTPS means the protocol used encryption, although you will see ESMTPS
in exim logs as you need to send EHLO to get the announcement for TLS.