Slightly OT:
Even tho I agree that a disconnect is non-compliant at this stage (and I
do run my server non-compliant), I don't think the Lotus argument is valid
for this discussion. As a developer or administrator it is not my duty to
coddle the short-sighted, non-robust code from a well funded (at one time
at least, I haven't kept track) commercial software package. Even if my
server were completely compliant, there are any number of networking
issues/emergencies that could conceivably send a RST down the wire which
would have the same effect.
That being said... For the sake of compliance I am in favor of setting a
note and trapping it on the next attempted command if it's not a fresh
HELO attempt which someone had mentioned in another strand of this thread.
(Even tho I'm of the firm belief that very few, if any, MTA/MUAs out there
will change their HELO name on the fly and the vast majority of trapped
connections will be coming from zombie spam-bots that don't deserve any
of the considerations detailed in the RFCs.)
-f
On Wed, 8 Feb 2006, John Peacock wrote:
Date: Wed, 08 Feb 2006 15:10:35 -0500
From: John Peacock <[EMAIL PROTECTED]>
To: [email protected], Ask Bjørn Hansen <[EMAIL PROTECTED]>
Cc: Charlie Brady <[EMAIL PROTECTED]>
Subject: Re: OK,
DENYSOFT_DISCONNECT then (Re: Should spamhelo DENY_DISCONNECT?)
Ask Bjørn Hansen wrote:
Almost by definition then the client isn't being conferment if it is using
a HELO host that's in badhelo, so I'm not sure we should care too much in
this particular case.
All I'm saying is that we shouldn't [normally] disconnect after sending a
4xx/5xx code without waiting to see if the remote server sends a QUIT (i.e.
is attempting to be conformant). I'm thinking of just flagging the
connection notes and if the next command isn't QUIT, dump them. That would be
more closer to the spirit of the quoted RFC.
There was a time when Lotus Notes, in particular, didn't fail gracefully when
it lost a connection midstream and would hammer the remote server
relentlessly. In the case of spamhelo, we are safe, but other plugins might
not want to automatically dump connections like that, until the remote server
continues to ignore the RFC's.
John
