On Sat, 4 Sep 2021, Viktor Dukhovni via Exim-users wrote:
> On Sat, Sep 04, 2021 at 01:18:17PM -0400, John C Klensin wrote:
>
>>> Absent a time-machine, and given that the ultimate decision is
>>> made after the initial banner and greet pause, and that
>>> refusing SMTP service (521 banner) is supposed to only happen
>>> to botnet and similar clients, the postscreen(8) service has
>>> no choice but to appear to change its mind after the initial
>>> "220-".
>>
>> If, by "change its mind", you mean "send a response sequence
>> with different codes", not true. First, if it cared about the
>> SMTP spec (and I understand the reasons why it might not), it
>> should accumulate whatever information it thinks useful before
>> sending the initial connection response and then reply with
>> either 220 or 521 (or something else) as it thinks appropriate,
>> not try to mix them.
>
> The greet pause test is *specifically* designed to detect botnet spam
> engines that don't wait for the complete multi-line response, and start
> talking as soon as they detect the first line of the response. That's
> why the pause is after, and not before, "220-". This is also why the
> final response code is unavoidably different from the initial.
Are you saying that applies in this case ?
If so, then exim is replying during the greet pause, which is a real bug ?
--
Andrew C. Aitchison Kendal, UK
andrew@???
