*** qmail-smtpd.c-1.03-orig Mon Jun 15 10:53:16 1998 --- qmail-smtpd.c Tue Sep 2 14:19:10 2003 *************** *** 28,33 **** --- 28,45 ---- unsigned int databytes = 0; int timeout = 1200; + /* ENFORCE_FQDN_HELO patch by Paul Gregg 29/08/2003 + This patch will refuse mail servers which do not pass a . in the HELO + command. Caveat - Mail servers should send HELO when sending mail + but servers should not block on non-fqdn helo commands. Viruses tend to + not use fqdn hosts - so this patch - whilst not strictly RFC "complient" + may help in reducing inbound virii (e.g. SoBig.F virus) + Modified to run if a environment variable ENFORCE_FQDN_HELO is set. + Thanks to Richard Lyons for that tip. + This check is not performed if RELAYCLIENT is set to ''. + */ + #define ENFORCE_FQDN_HELO + int safewrite(fd,buf,len) int fd; char *buf; int len; { int r; *************** *** 48,53 **** --- 60,69 ---- void die_control() { out("421 unable to read controls (#4.3.0)\r\n"); flush(); _exit(1); } void die_ipme() { out("421 unable to figure out my IP addresses (#4.3.0)\r\n"); flush(); _exit(1); } void straynewline() { out("451 See http://pobox.com/~djb/docs/smtplf.html.\r\n"); flush(); _exit(1); } + #ifdef ENFORCE_FQDN_HELO + void die_nohelofqdn() { out("451 unable to accept non-FQDN HELO (#4.3.0)\r\n"); flush(); _exit(1); } + #endif + void err_bmf() { out("553 sorry, your envelope sender is in my badmailfrom list (#5.7.1)\r\n"); } void err_nogateway() { out("553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)\r\n"); } *************** *** 88,93 **** --- 104,114 ---- void dohelo(arg) char *arg; { if (!stralloc_copys(&helohost,arg)) die_nomem(); if (!stralloc_0(&helohost)) die_nomem(); + #ifdef ENFORCE_FQDN_HELO + if (!relayclient || str_len(relayclient)>0) + if (env_get("ENFORCE_FQDN_HELO") && (str_len(arg)-str_chr(arg, '.')==0)) + die_nohelofqdn(); + #endif fakehelo = case_diffs(remotehost,helohost.s) ? helohost.s : 0; }