I was wondering about how the milter code works in Sendmail, and the fact that if the filter_helo() rejects the message, then HELO still responds with 250 and moves to the next stage, but when a EXPN or MAIL FROM: is seen, then Sendmail gives the error status from the previous HELO rejection.
Given that a filter_helo() rejection typically isn't going to be given to a legitimate mailer to begin with, but to a ratware client, strict conformance with the standard wouldn't seem to be that important. Further, if the client that you've just rejected from the HELO command is known to be a virus that will attempt to exploit your machine (say by a buffer overflow in the next command, i.e. a VRFY/EXPN/MAIL FROM command), then it seems to me you have an interest in failing the HELO command right away. Anyone familiar enough with the srvrsmtp.c code to recommend a patch that would allow immediate failure of the filter_helo() response rather than waiting for the next transition in the state machine? Thanks, -Philip _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
