On Wed, Nov 17, 2010 at 03:27:20PM -0500, Wietse Venema wrote:
> I had a similar patch that I was going to post 30 mins ago when
> someone walked into my room:
OK, we are on the same page then.
> > On a somewhat related note, should the documentation explicitly warn that
> > with smtpd_delay_reject=no, clients can keep going even when rejected by
> > helo restrictions, if "smtpd_helo_required = no"? Of course the client
> > could just not send "helo/ehlo", and avoid the helo restrictions that way.
> > This may not be clear to those tempted to put substantive checks in
> > the HELO branch, without enforcing the use of "HELO".
>
> Um, people who put restrictions on HELO commands need
> smtpd_helo_required=yes, regardless of smtpd_delay_reject settings.
Yes, my point was that they may not think this through, and
perhaps we should more explicitly explain this in the docs for
smtpd_helo_restrictions, smtpd_delay_reject and in SMTP_ACCESS_README.
--
Viktor.
