Vincenzo Gianferrari Pini wrote:
I found them very effective in blocking spam during the smtp session, in addition to blacklists. But I had to drop them because they check also the helo provided by SMTP AUTHenticated client users, that may typically have non resolvable names specially if roaming.
They are effective but even dungerous. MANY users have misconfigured systems and uses bad salutations. Furthermore the EHLO/EHLO is done before the AUTH can be issued so we only have a "checkAuthNetworks" option and not a "checkAuthClients" option like we did for other CmdHandlers.
I think that this check should be conditioned by the user being or not SMTP AUTHenticated, as the blacklist check is in RcptCmdHandler, so IMHO the current behaviour is a bug that should be fixed for 2.3.0. But as this whole helo/ehlo check functionality was introduced some time ago by Stefano, he may have given it a different meaning then mine, so I'm not sure of it.
I don't remember if I committed it or not, btw this is Norman work (IIRC). I never worked on this ehlo validity/resolvability checks because I think they are more harmful than useful.
I've not checked the sources and I don't know how it works now. I suppose you already checked the checkAuthClients/checkAuthNetworks option for the handlers.
What do you think about this? Vincenzo
I am against any change to the fastfail code because we are in RC and the fastfail is experimental code that we already changed it in trunk and should not delay furthermore 2.3.0 for this stuff. (In fact I would have released 2.3.0 with fastfail disabled at all and only document how to enable it somewhere in our wiki for people that wanted to experiment).
I think I will not veto this changes, but I think that if we start fixing this behaviours we'll never make this release.
Stefano --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
