fix: reject empty HELO/EHLO with 501 per RFC 5321

EHLO/HELO require a domain or address-literal argument. Previously
the server accepted bare EHLO with no argument and responded 250,
which deviates from the spec and makes the honeypot easier to
fingerprint.

templates/smtp/server.py

@@ -142,6 +142,11 @@ class SMTPProtocol(asyncio.Protocol):
         args  = parts[1] if len(parts) > 1 else ""
 
         if cmd in ("EHLO", "HELO"):
+            if not args:
+                self._transport.write(
+                    f"501 5.5.4 Syntax: {cmd} hostname\r\n".encode()
+                )
+                return
             _log("ehlo", src=self._peer[0], domain=args)
             self._transport.write(
                 f"250-{_SMTP_MTA}\r\n"