Am 07.09.19 um 03:16 schrieb Phil Pennock via Exim-users:
> On 2019-09-06 at 22:04 +0200, Heiko Schlittermann via Exim-users wrote:
>> The HELO ACL doesn't help either, as the first EHLO comes before
>> STARTTLS, and the second EHLO doesn't have to come, the client may send
> Oh pox. My memory is going. I hadn't realized that my protection
> against this comes from long-standing local configuration, not Exim
> defaulting to enforcing this:
>
> acl_check_mail:
> deny message = 503 Bad sequence of commands - must send HELO/EHLO first
> condition = ${if !def:sender_helo_name}
And i thought, this is "default" besides the unusual textblock :)
acl_check_mail:
# Hosts are required to say HELO (or EHLO) before sending mail.
# So don't allow them to use the MAIL command if they haven't
# done so.
deny condition = ${if eq{$sender_helo_name}{} {1}}
message = Nice boys say HELO first
You can find it i.e. in the default redhat configfile.
best regards,
Marius
