[exim] Re: fake helo at connect

Top Page
Delete this message
Reply to this message
Author: Viktor Dukhovni via Exim-users
Date:  
To: exim-users
Subject: [exim] Re: fake helo at connect
On Mon, Jun 19, 2023 at 02:02:49PM +0300, Myhaylo Golub via Exim-users wrote:

> Some host provides fake information after connect.
>
> telnet mail.hostname. 25
> Trying *.*.*.*...
> Connected to mail.hostname.
> Escape character is '^]'.
> 220-mx.mail.hostname ESMTP Postfix
> 220 mx.mail.hostname ESMTP Postfix
>
> First line - fake.


It isn't "fake" it is a standards-compliant first line of a multi-line
banner, in which the subsequent line(s) is(are) delayed.

> After small timeout i get real helo - second line.


This is a feature of "postscreen":

    http://www.postfix.org/POSTSCREEN_README.html#pregreet


and, when enabled, is used with not previously screened clients. Once
the client passes the test, it is passed off to the real smtpd(8)
server, and the test is skipped for some time on subsequent connections.

Persistent greet pauses (regardless of previous history) are best
avoided, they can needlessly delay legitimate email.

Note also that "postscreen" can afford to keep multiple client
connections briefly idle, because it is a single process in
an event loop, and client connections are light-weight.

The real SMTP servers in both Exim and Postfix dedicate a process per
client connection, and delays can easily be more costly to the receiving
server than to the sending client.

-- 
    Viktor.


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/