[Mimedefang] Revisit: Filtering on HELO

Steffen Kaiser skmimedefang at smail.inf.fh-bonn-rhein-sieg.de
Fri Mar 16 05:18:48 EST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 15 Mar 2007, Dirk the Daring wrote:

>   So, I stand by my original filter code, which would reject a "domain.tld" 
> argument to EHLO (or HELO) as not being an FQDN. If the HELO is not an 
> address literal, then it should be an FDQN.

When you give "example.com" an A record (aka it resolves into an IP 
address), "example.com" is a host. (see: RFC1034 sec 3.6 type "A")
When you assign an A record to any "some-legal-string.example.com", you 
make "example.com" a "domain" in a colloquial speech, but not per RFC1034 
sec 3.5 nor RFC1036 (see below).

You may have both at the same time or either or. RFC1983 makes no 
statements on this topic, neither do RFC1034 nor RFC1035.

Check out RFC1035:
"2.1. Overview

The goal of domain names is to provide a mechanism for naming resources
in such a way that the names are usable in different hosts, networks,
protocol families, internets, and administrative organizations."

The domain name concept does not include an "host definition" per se.
One may use a domain name to identify a host.

Sec 2.3.1:

"<domain> ::= <subdomain> | " "

<subdomain> ::= <label> | <subdomain> "." <label>"

"For example, the following strings identify hosts in the Internet:

A.ISI.EDU XX.LCS.MIT.EDU SRI-NIC.ARPA"

BTW: There is some thing, which is often forgotten in this topic:

When dealing with DNS setups and lookups and the like, "domain.tld" is a 
_realtive_ domain name, it used to be named "domain.tld." once.

Regards,

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBRfpvDOgJIbZtwg6XAQKFgQgAn0+P9R028S2rQ+twL+FiUi4O8CGFDEig
jgUbSIcVVWOralwgjzuaxPluqIbh+zvjhSng3DEA8oKoN43r0mB7vzSqO/x2+Vyj
VNkABhiWw/qwRpmDjUvOcPBR1x42Lggphrwrs57fy3Sb/nvji1rjeqwSwNmG2KNF
h8UtQTgyF2t6sjF2GEYKgEAVrcTqSg8aHJ+AUsPwgqrdFM35GoLe3v02IQl5bMy2
BhofQu1+GKOPsxu2/IF2p0Pout8kesv1UUOGkCVVGNHSpEReQ9p2OEnHBB54h4RL
M+cUkN1KqT7ocGX0uPK4y+/jgkIXDmXetZpMyxiPQ43AoDhlqFpVVg==
=QEAQ
-----END PGP SIGNATURE-----


More information about the MIMEDefang mailing list