On Sun, Feb 29, 2004 at 10:16:23PM +0100, Vincent Lefevre wrote: | On 2004-02-23 22:24:28 -0500, Derrick 'dman' Hudson wrote: | > That depends on who's mail server you connect to. Some admins require | > the HELO parameter to be resolvable, and some even require it to | > resolve to the IP of the machine making the connection. | | They should fix their configuration, then. Well, | RFC 2821: | | An SMTP server MAY verify that the domain name parameter in the EHLO | command actually corresponds to the IP address of the client. | However, the server MUST NOT refuse to accept a message for this | reason if the verification fails: the information about verification | failure is for logging and tracing only. You have a nice Catch-22 here. The receiver is not allowed to reject bad data, but the sender isn't allowed to send it either! It boils down to what you, as a receiver, find acceptable. I find requiring the HELO to be syntactically correct and fully-qualified to be effective at limiting junk (spam and viruses) while not causing significant collateral damage. I think requiring the name to resolve to the same address as the client connecting is being too strict. In fact, I have found that requiring the name to resolve to anything creates too much collateral damage. YMMV. Eventually ESMTP will need to be replaced with a new infrastructure that applies the lessons learned to address the issues currently present. I have no illusions of this happening any time soon. -D -- A)bort, R)etry, B)ang it with a large hammer www: http://dman13.dyndns.org/~dman/ jabber: dman@dman13.dyndns.org
Attachment:
signature.asc
Description: Digital signature