On Mon, Apr 22, 2002 at 01:04:52AM -0700, Ask Bjoern Hansen wrote: > The more correct variation would be to say that you could nuke > PIPELINING from the EHLO and then do as I suggested.
Yeah, that'd work. So far, the abuse I've seen has used HELO rather than EHLO, not that it needs to. In fact had they used EHLO I might have interpreted it as a buggy sending MTA, except that the content is always spam and the remote host is always in Asia. > Actually, I just thought of a case where we might be broken with > regards to PIPELINING. Do we have to deal with a DATA segment even > if we reject it? (A client doing as you describe; if we give a > 5xx code, is it our responsibility to not interpret their DATA part > as commands). That should be checked with the RFC. :-/ The way I recall rfc1854, DATA can only appear at the end of a pipelined command group -- after that the sender is required to wait for a 354 go-ahead or 5xx rejection before sending their data. There's an allowance for the receiving MTA issuing a go-ahead even if it's declined every recipient, but the burden is on the sender. -- Devin \ aqua(at)devin.com, 1024D/E9ABFCD2; http://www.devin.com Carraway \ IRC: Requiem GCS/CC/L s-:--- !a !tv C++++$ ULB+++$ O+@ P L+++
