Re: [exim] Multiline and multi ACL smtp_banner

Top Page
Delete this message
Reply to this message
Author: Wolfgang Breyha
Date:  
To: exim-users@exim.org
Subject: Re: [exim] Multiline and multi ACL smtp_banner
Marcin Mirosław wrote, on 30/04/14 14:34:
> Hi!
> I'm trying to implement some of the features from postscreen. First of
> them is sending multitiline smtp banner with delay between lines [1].


Simply add a delay in your connect ACL. 1 Second is usually enough to fool
broken clients.

> So my too fast "ehlo" makes that after "rcpt to" mail will be rejected.
> I suspect it will be completely impossible to do it. But maybe such poor
> PREGREET test would be possible without many effort in exim code?:
>
> acl_smtp_connect        = acl_check_connect

>
> acl_check_connect:
>     warn
>         message = 220-mail.xxx. ESMTP
>     warn
>         delay = 5s
>     warn
>         message = 220 mail.xxx. ESMTP go on dude

>
> And if protocol error appears let Exim rejects email at this moment.


Exim will already do that automatically if you didn't set
smtp_enforce_sync = false (main option)
or
control = no_enforce_sync (ACL control)

> What about adding feature allowing temporary ignoring
> protocol/sychronization errors (e.g. ignore_protocols_error=1) and


See above. Adding
control = no_pipelining
makes live even harder for some clients. Disabling STARTTLS might as well, but
at (too) high costs.

Read
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-access_control_lists.html
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-main_configuration.html
for details.

> putting information about such incident into expansion item?


Currently there is no variable to check for previous sync errors.

Greetings, Wolfgang
--
Wolfgang Breyha <wbreyha@???> | http://www.blafasel.at/
Vienna University Computer Center | Austria