On 08/07/05, Claus Assmann <[EMAIL PROTECTED]> wrote: > On Thu, Jul 07, 2005, Randy Bush wrote: > > 2005-07-08 08:05:52 SMTP protocol violation: synchronization error (input > > sent without waiting for greeting): rejected connection from > > H=[666.42.7.11] input="helo foux.psg.com\r\n" > > I'm curious: Can someone please point out which part of RFC 2821 > is violated here? > > 4.3.1 Sequencing Overview > ... > One important reply is the connection greeting. Normally, a receiver > will send a 220 "Service ready" reply when the connection is > completed. The sender SHOULD wait for this greeting message before > sending any commands. > > This is just a SHOULD not a MUST.
Exim allows you to reject on all kinds of things that are not necessarily mandated in an RFC. In this case, any client MTA which doesn't wait for a greeting is at best badly coded - which indicates, in the real world, it's either one of several breeds of spamware, or the internal SMTP sender in a piece of hardware made by a vendor who didn't care to implement the full protocol. Blocking on this catches a useful amount of spam. Whitelist any wanted senders using the technique recommended further up this thread and you're ahead. A recent thread on SPAM-L discussed how useful this technique is, in conjunction with a delayed 220 banner as entrapment. Peter -- Peter Bowyer Email: [EMAIL PROTECTED] Tel: +44 1296 768003 VoIP: sip:[EMAIL PROTECTED] -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
