Re: [exim] HELO id check too strict?

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim-users
Subject: Re: [exim] HELO id check too strict?
Phil Pennock wrote:
> On 2009-11-28 at 16:45 +1300, Craig Whitmore wrote:
>> On Sat, 2009-11-28 at 12:01 +0900, Randy Bush wrote:
>>>> hostnames (and FQDN's) aren't allowed to have _'s in them so exim is
>>>> rejecting it correctly.
>>> fqdns can have anything in them. just wait for idn deployment.
>> hostnames cannot have _'s in them.. _'s can be used but not for
>> hostnames of computers on the internet. (feel free to use them if you
>> are not connected to the internet)
>>
>> I don't want to argue.. read the RFC's.. read
>> http://en.wikipedia.org/wiki/Hostname
>>
>>
>> if you want to put a _ in your hostname or accept _'s in HELO's then its
>> up to you.. but aren't playing nice on the internet
>
> Just as a minor heads-up, you're talking to the author/co-author of,
> amongst others (I'm limiting this to DNS-related ones):
>
> RFC 2181 Clarifications to the DNS Specification.
> RFC 2182 Selection and Operation of Secondary DNS Servers. [BCP 16]
> RFC 2870 Root Name Server Operational Requirements. [BCP 40]
> RFC 2901 Guide to Administrative Procedures of the
>          Internet Infrastructure.
> RFC 3152 Delegation of IP6.ARPA. [BCP 49]
> RFC 3363 Representing Internet Protocol version 6 (IPv6) Addresses
>          in the Domain Name System (DNS).
> RFC 3681 Delegation of E.F.F.3.IP6.ARPA.

>
> So you're asking the author of many of the operational RFCs relating to
> DNS to ... uhm ... nevermind.
>
> Standards-track RFCs reflect the consensus standard of the IETF
> participants at a given time; things change. Internationalisation of
> domain-names is forcing a change of many previous assumptions; this is
> part of why Exim has the dns_check_names_pattern option and documents
> how to use this with allow_utf8_domains.
>
> Most resolver libraries long ago stopped caring. It would be an
> interesting world, where one can use 观音 as a hostname, but can't
> include an underscore. So I think that prohibitions on underscores will
> disappear within five years, in practice if not de jure.
>


Good stuff, and realistic (speaking 'from, but not for', China...).

> For now, I'd be inclined to allow underscore on the submission port but
> not the MX port. This isn't currently possible in Exim.
>
> Regards,
> -Phil
>


..not possible as tick-a-box, but not hard, either:

- Presuming the [underscore|whatever] has already been allowed in the general
case, as discussed - THEN in an acl_smtp_helo clause:

===

[warn|deny]

!condition = ${if eq{$interface_port}{587}}
condition = [any of many parsing or lookup methods for offending character(s)]

===

Plus appropriate 'message' and 'log_message', yada, yada...

(In daily use - but firing on something other than underscores...)

Bill