On Wed, Nov 17, 2010 at 03:27:20PM -0500, Wietse Venema wrote: > I had a similar patch that I was going to post 30 mins ago when > someone walked into my room:
OK, we are on the same page then. > > On a somewhat related note, should the documentation explicitly warn that > > with smtpd_delay_reject=no, clients can keep going even when rejected by > > helo restrictions, if "smtpd_helo_required = no"? Of course the client > > could just not send "helo/ehlo", and avoid the helo restrictions that way. > > This may not be clear to those tempted to put substantive checks in > > the HELO branch, without enforcing the use of "HELO". > > Um, people who put restrictions on HELO commands need > smtpd_helo_required=yes, regardless of smtpd_delay_reject settings. Yes, my point was that they may not think this through, and perhaps we should more explicitly explain this in the docs for smtpd_helo_restrictions, smtpd_delay_reject and in SMTP_ACCESS_README. -- Viktor.