Previous Section Next Section

AllowBogusHELO

Allow HELO or EHLO sans host V8.8 and later

Prior to V8.7, sendmail would accept without complaint an SMTP HELO command (or an EHLO) that omitted the hostname:

220-oldsite.uofa.edu  Sendmail 8.6.13/8.6.13 ready at Fri, 13 Dec 2002 08:11:44 -0700
220 ESMTP spoken here
HELO
250 oldsite.uofa.edu Hello here.ufa.edu [123.45.67.89], pleased to meet you

RFC1123, section 5.2.5, specifies that all HELO and EHLO commands must be followed by a fully qualified hostname:

HELO here.uofa.edu
EHLO here.uofa.edu

Beginning with V8.7, omitting the hostname results in one of the following errors:[11]

[11] Actually, the error reflects what was entered. If you entered "EhlO" the error would be "EhlO requires a domain name."

501 5.0.0 HELO requires domain address
501 5.0.0 EHLO requires domain address

Note that there is no check to see that the hostname is actually that of the connecting host unless PICKY_HELO_CHECK is declared when sendmail is compiled (PICKY_HELO_CHECK). Also note that the specified hostname must appear to be a correctly formed hostname. If it is not, the following is printed:

501 5.0.0 Invalid domain name

If you favor forcing other sites to obey the RFCs, don't enable this option. But note that you might need to enable it if your site accepts connections from other sites that don't obey the protocols.

The AllowBogusHELO option is used like this:

O AllowBogusHELO=bool                      configuration file (V8.8 and later) 
-OAllowBogusHELO=bool                      command line (V8.8 and later) 
define(`confALLOW_BOGUS_HELO', `bool')     mc configuration (V8.8 and later) 

The bool is of type Boolean. If it is absent, the option defaults to true (do allow the hostname to be omitted). If the entire option declaration is missing, the default is false (require the hostname to be present).

The AllowBogusHELO option is safe. Even if it is specified from the command line, sendmail retains its special privileges.

    Previous Section Next Section