--On 26 October 2006 09:40:30 +0100 Philip Hazel <[EMAIL PROTECTED]> wrote:
> On Thu, 26 Oct 2006, Peter Bowyer wrote: > >> > 250 xxx.net Hello xxx.net [82.230.172.234] >> > >> > HELO is still allowed. I really would like to deny it here. >> >> HELO support is a required part of SMTP, as has already been >> explained. It's not possible, and not sensible, to disallow it. > > Well, it is possible, though I entirely agree that it is not sensible! I think the OP is saying that HELO on an authenticated connection would be unexpected, and it might be useful to bar it as a precaution. Presumably the idea is that any well written client that's authenticating is going to use EHLO, and barring HELO might just catch out some piece of malware (whether extant or theoretical) that's trying to crack the authentication. I don't know off the top of my head whether it's true that the RFCs require that a proper authenticated connection must have used EHLO. > You can check for HELO vs EHLO in an ACL. > > -- > Philip Hazel University of Cambridge Computing Service > Get the Exim 4 book: http://www.uit.co.uk/exim-book -- Ian Eiloart IT Services, University of Sussex -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
