helo.checks doesn't check HELO after EHLO

[Juerd]

Describe the bug
It seems that helo.checks accepts previously rejected identities.

Expected behavior
Wrong remains wrong

Observed behavior
Persistent wrong turns right:

<-  220 censored ESMTP Haraka ready
 -> EHLO google.com
<** 550 You are not who you say you are
 -> HELO google.com
<-  250 censored Hello [censored]!

Steps To Reproduce

• reject.big_company=true
• swaks -h google.com

System Info:

Haraka	Haraka.js — Version: 2.8.27
Node	v12.20.1
OS	Linux censored 4.19.0-13-amd64 #1 SMP Debian 4.19.160-2 (2020-11-28) x86_64 GNU/Linux
openssl	OpenSSL 1.1.1d 10 Sep 2019

[msimerson]

See #434

Please include logs of the transaction, so we can see what's happening.

Guess: do you have helo.checks included in karma.ini.deny_excludes?

[lnedry]

I was able to replicate this issue in a clean install of Haraka 3.0.2 (Debian 11).
This is related to #3269

[msimerson]

I am unable to replicate this with Haraka from HEAD:

❯ nc localhost 25
220 home.simerson.net ESMTP Haraka/3.0.3/2e6ff612 ready
EHLO google.com
550 You are not who you say you are
HELO google.com
550 You are not who you say you are
quit

The only PR I see that might have caused a change in behavior is #3191

[lnedry]

I just installed Haraka from HEAD and am getting the same results as Juerd.

220 lab.local ESMTP Haraka/3.0.3/2e6ff612 ready
EHLO google.com
550 You are not who you say you are
HELO google.com
250 lab.local Hello [192.168.1.250]Haraka is at your service.

config/helo.checks.ini

[check]
big_company=true

[reject]
big_company=true

[skip]
private_ip=false

[bigco]
google.com=google.com

config/plugins

helo.checks
mail_from.is_resolvable
rcpt_to.in_host_list
headers
queue/smtp_forward

[msimerson]

Ahah, seeing your config helped me narrow down exactly the issue (and see why my results were different than yours). A PR is coming soon.