Exim Starttls Strange

[sftd]

Here is a short SMTP test of exim (same session):

220 domain.com ESMTP Exim 4.76 Fri, 07 Dec 2012 16:22:43 +0100
EHLO something.com
250-domain.com Hello something [1.2.3.4]
250-SIZE 20971520
250-PIPELINING
250-AUTH PLAIN LOGIN
250-HELP
250 STARTTLS
HELP
214-Commands supported:
214 AUTH HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP
STARTTLS
503 STARTTLS command used when not advertised
EHLO something.com
250-5-9-144-172.sd.statnet.pl Hello 87-206-97-77.dynamic.chello.pl [87.206.97.77]
250-SIZE 20971520
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
HELP
214-Commands supported:
214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP
STARTTLS
220 TLS go ahead

Does anyone have idea why:
1.
there is no STARTTLS in first HELP response
STARTTLS is "allegedly" unadvertised?
2.
there is STARTTLS in secon HELP
STARTTLS works after second EHLO


Thank you for your help and sorry if this isn't the right place.

 

[nobaloney]

May not be the right place. Are you running a server powered by the DirectAdmin hosting control panel? I originally wrote the exim.conf file used by default with DirectAdmin, though there have been some changes since. I also wrote my own Spamblocker which I distribute as an option.

If you're running DirectAdmin, your server should be advertising STARTTLS with the first connection; mine are, and I've never seen this complaint before.

It's possible something new has been added I don't know about to the latest DirectAdmin version, so if you are using DirectAdmin please write back information on the exim.conf file you're using. You can simply post the first ten lines of the file and we can tell which version you're running.

If you're not using DirectAdmin, you may be able to compare specific sections of your file with ours; the default file distributed/installed with DirectAdmin is located here. Mine is located here (nobaloney.net);simply scroll down to the bottom and click on the Click Here to Download link.

If you're using cPanel you'll need to check on the cPanel forum, The cPanel exim.conf file is configured so differently from generic and DirectAdmin exim.conf files that no-one but the cPanel folk appear to want to support it.

I suppose someone has added this behavior to your exim.conf file as a way to slow down spammers, as spammers almost never try again when a connection is refused, while all legitimate mailservers are supposed to according to applicable RFCs. But I doubt too many spammers are trying STARTTLS (or even EHLO as opposed to HELO), so I don't think it would be too effective anyway.

If you're NOT running cPanel, I can probably help you as a commercial service if you really need to change the behavior, as I'm fairly conversant with exim.conf and have contacts I can work with if there's something I'm missing, but I'd offer that only as a commercial service. Please write back in any event so we can all learn from your experience.

Jeff

 

[sftd]

Sorry for the confusion. I am using server powered by the DirectAdmin panel.

I tried using default config for DA, but the problem remained the same.

Here is what I guess You asked for.


######################################################################
# SpamBlocker.exim.conf.2.1.1-release #
# 05-Jun-2007 #
# Runtime configuration file for DirectAdmin/Exim 4.24 and above #
# Requires exim.pl dated 20-Apr-2007 17:09 or later #

 

[nobaloney]

Sorry for the confusion. I am using server powered by the DirectAdmin panel.

I tried using default config for DA, but the problem remained the same.

Here is what I guess You asked for.


######################################################################
# SpamBlocker.exim.conf.2.1.1-release #
# 05-Jun-2007 #
# Runtime configuration file for DirectAdmin/Exim 4.24 and above #
# Requires exim.pl dated 20-Apr-2007 17:09 or later #

I wrote that configuration but no longer support it. You can try updating to the one on my site to see if that resolved the problem (be sure to read the ReadMe file before installing; unlike earlier versions, it does require edits or it won't work on your system). Or hopefully someone else can reply here.

You can have me install it for you; information is on my site; see link in previous post.

Jeff

 

[sftd]

For future reference the reason was very silly. I was making test from remote computer which firewalls configuration was causing this strange behavior.

Thank you for your help and sorry for bothering you with this problem.