Login
Email:
Password:

Bug Stats
Pending Review:1
Unconfirmed:0
Open:1
Resolved:1
Closed:641

Our main site is...
https://mid.as

Also find us on...

MIDAS | Bug Tracker

Bug ID: #1754

SMTP connections may be rejected by some servers due to ambiguous "HELO" value

Status:Closed
(Updated 2016-01-21 @ 22:22)
Impact Matrix:
High
Likely
Low
*
LowImpactHigh
Category:Functionality (Server Side)
MIDAS Versions Affected:4.00 - 4.11
Browsers Affected:Microsoft Internet Explorer Microsoft Edge Mozilla Firefox Google Chrome Apple Safari Opera
Details:An issue has been discovered with the Net::SMTP Perl module (which MIDAS uses to send email over SMTP) which can cause the HELO part of SMTP transactions to be sent as "EHLO localhost.localdomain".
"localhost.localdomain" violates the relevant standards (specifically RFC5321), which can cause some SMTP server/relays to reject the incoming connection and believe the connection is a spamming bot.
Symptoms:SMTP connections being blocked, and/or warnings about the server where your MIDAS resides showing "signs of being infected with a spam sending trojan, malicious link or some other form of botnet"
Workaround:Whitelist in your SMTP server, the IP address of the server where your MIDAS system resides
Resolution:Fixed for v4.11 if installed/updated after 21st January 2016. MIDAS will now force setting a valid HELO value for servers which don't explicitly set it
Comments (0):
Please login or register to add comments

← Back
Jump To Bug
#