> This occurs about 50 times in a row in the same process with the same > remote address. Why should rcpt_ok be run last (that's what it says > inside the file)? After all this is a pretty basic and cheap test.
No. rcpt_ok _finally_ decides to accept or reject a message. It must therefore be run last, because there can not be a rcpt-hooking plugin after it. But i also think that it might make sense to remove the relay checking code from rcpt_ok and put in a separate plugin, e.g. called check_relay. This could then be run first in the rcpt-queue and deny all unauthorized relayings. rcpt_ok should probably be reduced to just what the name implies: returning OK for each and every mail (but this could then also be made the default in qpsmtpd). > Shouldn't rcpt_ok have a counter and disconnect after a few DENY's, > similar to count_unrecognized_commands? Does it even make sense to > continue the session after the first illegal relay attempt? Now, one can imagine scenarios where this leads to problems, but they are not very likely after all. So in my opinion, it might make sense to disconnect after a few denied rcpt tos, yes. This makes even more sense when combined with a plugin which checks if a local recipient exists after all, because blocking after a few failures would throw out all these scum trying dictionary attacks. > Does DENY only apply to a single SMTP command, not the entire session? Yes. > Is there a way to DENY the entire session, short of DENY_DISCONNECT? Whats wrong with DENY_DISCONNECT? Regards Michael -- It's an insane world, but i'm proud to be a part of it. -- Bill Hicks
