Intriguing! I'd always assumed that a client/server pair had to proceed through a HELO/EHLO before MAIL FROM then RCPT TO could be considered, and given that thought like Marius that rejecting the HELO/EHLO with a 5xx response code couldn't proceed into accepting a message.
But looking at the section on HELO/EHLO in the RFC for SMTP <https://tools.ietf.org/html/rfc5321#section-4.1.1.1> it transpires that it's only a SHOULD requirement: "A client SMTP SHOULD start an SMTP session by issuing the EHLO command." I've just confirmed that by telnet-ing to port 25 of our Exim server and tried going straight into a MAIL FROM without any preceding HELO/EHLO and got a happy "250 OK" response. So it looks like 'rejecting' a HELO/EHLO with a 5xx response doesn't achieve much, which explains the effect Marius was seeing. Cheers, Mike B-) On 12 January 2016 at 10:08, Jeremy Harris <[email protected]> wrote: > On 12/01/16 07:59, Marius Stan wrote: > > It works as expected, except that if I insist after the first 550 error, > > the message still goes through... > > > How can I overcome this ? > > - you could use helo_verify_hosts > - you could drop rather than deny > - you could check $sender_helo_name in the mail acl > > -- > Cheers, > Jeremy > > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ > -- Systems Administrator & Change Manager IT Services, University of York, Heslington, York YO10 5DD, UK Tel: +44-(0)1904-323811 Web: www.york.ac.uk/it-services Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
