From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Mon, 20 May 2024 13:47:04 +0000 (+0100)
Subject: Handle MAIL-before-EHLO under smtp_max_synprot_errors.  Bug 3096
X-Git-Tag: exim-4.98-RC0~15
X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/b97c55112656f7d9cc5629b0cdb2e14a1b2ac649?ds=inline

Handle MAIL-before-EHLO under smtp_max_synprot_errors.  Bug 3096
---

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 98c7a9584..e1cec9e15 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -151,10 +151,13 @@ JH/29 Bug 3087: Fix SRS encode.  A zero-length quoted element in the local-part
 JH/30 Bug 3029: Avoid feeding Resent-From: to DMARC.
 
 JH/31 Bug 3027: For -bh / -bhc tests change to using the compressed form of
-      ipv6 addresses for the sender.  Previously the uncompressed form was
-      used, and if used in textual form this would result in behavior difference
+      ipv6 addresses for the sender.  Previously the uncompressed form was used,
+      and if used in textual form this would result in behavior difference
       versus non-bh.
 
+JH/32 Bug 3096: MAIL before HELO/EHLO, where required by hosts_require_helo, is
+      now classed as a protocol error and subject to smtp_max_synprot_errors.
+
 
 Exim version 4.97
 -----------------
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index f65ab6603..ff50c80f9 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -4352,9 +4352,10 @@ while (done <= 0)
 	if (  fl.helo_verify_required
 	   || verify_check_host(&hosts_require_helo) == OK)
 	  {
-	  smtp_printf("503 HELO or EHLO required\r\n", SP_NO_MORE);
 	  log_write(0, LOG_MAIN|LOG_REJECT, "rejected MAIL from %s: no "
 	    "HELO/EHLO given", host_and_ident(FALSE));
+	  done = synprot_error(L_smtp_protocol_error, 503, NULL,
+		      US"HELO or EHLO required");
 	  break;
 	  }
 	else if (smtp_mailcmd_max < 0)
diff --git a/test/confs/0637 b/test/confs/0637
new file mode 100644
index 000000000..a47d7d128
--- /dev/null
+++ b/test/confs/0637
@@ -0,0 +1,13 @@
+# Exim test configuration 0637
+
+HVH=
+
+.include DIR/aux-var/std_conf_prefix
+
+primary_hostname = myhost.test.ex
+
+# ----- Main settings -----
+
+# ----- ACL -----
+
+# End
diff --git a/test/log/0637 b/test/log/0637
new file mode 100644
index 000000000..5971628d3
--- /dev/null
+++ b/test/log/0637
@@ -0,0 +1,8 @@
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 SMTP call from [127.0.0.1] dropped: too many syntax or protocol errors (last command was "mail from:<u4@cus.cam.ac.uk>",  C=MAIL,MAIL,MAIL,MAIL)
diff --git a/test/rejectlog/0637 b/test/rejectlog/0637
new file mode 100644
index 000000000..9f539cd1d
--- /dev/null
+++ b/test/rejectlog/0637
@@ -0,0 +1,7 @@
+
+******** SERVER ********
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 rejected MAIL from [127.0.0.1]: no HELO/EHLO given
+1999-03-02 09:44:33 SMTP call from [127.0.0.1] dropped: too many syntax or protocol errors (last command was "mail from:<u4@cus.cam.ac.uk>",  C=MAIL,MAIL,MAIL,MAIL)
diff --git a/test/scripts/0000-Basic/0637 b/test/scripts/0000-Basic/0637
new file mode 100644
index 000000000..7ed9b3cbe
--- /dev/null
+++ b/test/scripts/0000-Basic/0637
@@ -0,0 +1,18 @@
+# mail before ehlo
+exim -bd -DSERVER=server -oX PORT_D
+****
+client 127.0.0.1 PORT_D
+??? 220
+mail from:<u1@cus.cam.ac.uk>
+??? 503 HELO or EHLO required
+mail from:<u2@cus.cam.ac.uk>
+??? 503
+mail from:<u3@cus.cam.ac.uk>
+??? 503
+mail from:<u4@cus.cam.ac.uk>
+??? 503-
+??? 503 Too many
+???*
+****
+killdaemon
+no_stderr_check
diff --git a/test/stdout/0637 b/test/stdout/0637
new file mode 100644
index 000000000..97d95ea6e
--- /dev/null
+++ b/test/stdout/0637
@@ -0,0 +1,20 @@
+Connecting to 127.0.0.1 port 1225 ... connected
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> mail from:<u1@cus.cam.ac.uk>
+??? 503 HELO or EHLO required
+<<< 503 HELO or EHLO required
+>>> mail from:<u2@cus.cam.ac.uk>
+??? 503
+<<< 503 HELO or EHLO required
+>>> mail from:<u3@cus.cam.ac.uk>
+??? 503
+<<< 503 HELO or EHLO required
+>>> mail from:<u4@cus.cam.ac.uk>
+??? 503-
+<<< 503-HELO or EHLO required
+??? 503 Too many
+<<< 503 Too many syntax or protocol errors
+???*
+Expected EOF read
+End of script