Re: EHLO/HELO [was blacklists]
On Fri, Dec 10, 2004 at 11:08:53PM +1100, Russell Coker wrote:
> I tried out "reject_unknown_hostname" but had to turn it off, too many
> machines had unknown hostnames.
>
> For example a zone foo.com has a SMTP server named postfix1 and puts
> postfix1.foo.com in the EHLO command but has an external DNS entry of
> smtp.foo.com. Such a zone is moderately well configured and there are
> too many such zones to block them all. The other helo restrictions get
> enough non-spam traffic.
actually, it's not "moderately well configured". it's trivial to add a DNS
entry for "postfix1.foo.com" (preferably an A record and not a CNAME - doesn't
matter for HELO/EHLO but it does matter for $myorigin). it's even more trivial
to make the postfix server announce itself with a real hostname, one that
actually exists in the DNS - "smtp.foo.com" would be perfect. that's all it
takes to get past reject_unknown_hostname.
it's unusual to see this level of cluelessness with someone running a
unix MTA - i thought it was reserved to Exchange and Groupwise users.
> Using reject_unknown_hostname would get close to blocking 100% of
> spam,
nowhere near that much. it helps a little, but it's not even remotely close to
the final solution to spam.
> but that's because it would block huge amounts of non-spam email.
that's not the case in my experience (but that depends on exactly what kind of
mail traffic is received).
but it's your server, you get to choose what rules are on it.
craig
ps: yes, this is another rule i use at home but not at work. there are
lots of windows MTAs out there run by the clueless. fortunately, at home
i don't need or have to communicate with them, but at work there are
many people who might.
--
craig sanders <cas@taz.net.au> (part time cyborg)
Reply to: