[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: exim HELO=fully qualified host name?

On Sun, Feb 29, 2004 at 10:16:23PM +0100, Vincent Lefevre wrote:
| On 2004-02-23 22:24:28 -0500, Derrick 'dman' Hudson wrote:
| > That depends on who's mail server you connect to.  Some admins require
| > the HELO parameter to be resolvable, and some even require it to
| > resolve to the IP of the machine making the connection.
| They should fix their configuration, then.


| RFC 2821:
|    An SMTP server MAY verify that the domain name parameter in the EHLO
|    command actually corresponds to the IP address of the client.
|    However, the server MUST NOT refuse to accept a message for this
|    reason if the verification fails: the information about verification
|    failure is for logging and tracing only.

You have a nice Catch-22 here.  The receiver is not allowed to reject
bad data, but the sender isn't allowed to send it either!

It boils down to what you, as a receiver, find acceptable.  I find
requiring the HELO to be syntactically correct and fully-qualified to
be effective at limiting junk (spam and viruses) while not causing
significant collateral damage.  I think requiring the name to resolve
to the same address as the client connecting is being too strict.  In
fact, I have found that requiring the name to resolve to anything
creates too much collateral damage.  YMMV.

Eventually ESMTP will need to be replaced with a new infrastructure
that applies the lessons learned to address the issues currently
present.  I have no illusions of this happening any time soon.


A)bort, R)etry, B)ang it with a large hammer
www: http://dman13.dyndns.org/~dman/            jabber: dman@dman13.dyndns.org

Attachment: signature.asc
Description: Digital signature

Reply to: