[Mimedefang] Suggestions on rejecting relays that provide syntactically-invalid arguments to HELO/EHLO
Michael Sims
michaels at crye-leike.com
Fri May 23 02:34:00 EDT 2003
Quoting Jeffrey Goldberg <jeffrey at goldmark.org>:
> > I'm also trying to decide what error I want to give people. I should
> > probably give an error such as "Invalid argument passed to HELO" or even
> > "HELO requires fully qualified domain name or address literal", but I
> > hesitate to tell the spammers how to fix their spamware to bypass this.
> > I'm sorely tempted to just respond with a generic "Access denied"
>
> There are good arguments either way. I suspect that it is a philosophical
> difference. Considering that the bounces that will be generated will
> probably not go to the spammer, and the fact that legit sites could easy
> be misconfigured, I would go with the former.
I've thought about it, and I agree with this. If I just reply with "Access
denied", a legitimate site might think that I have blacklisted them arbitrarily
and may not bother to let me know about the problem. I've decided to go with:
return('REJECT', "Invalid argument ($helo) passed to HELO/EHLO");
___________________________________________
Michael Sims
Project Analyst - Information Technology
Crye-Leike Realtors
Office: (901)758-5648 Pager: (901)769-3722
___________________________________________
More information about the MIMEDefang
mailing list