[Mimedefang] Revisit: Filtering on HELO
rlaager at wiktel.com
Fri Mar 16 14:21:42 EST 2007
On Fri, 2007-03-16 at 13:38 -0400, Joseph Brennan wrote:
> Those are solid, I agree, except as I was saying some with no dots
> are actually small-time organizations misled by Windows software.
Yes, you will have some false positives. In general, we provide an error
message in this case and let people contact us when things fail. I then
explain to them how to configure the hostname in the System control
panel, which without fail always has fixed the problem in the past.
> When the helo is an IP in [ ], it should be $RelayAddr in there.
> Not for example 184.108.40.206 saying "helo [220.127.116.11]" or
> 18.104.22.168 saying "helo [22.214.171.124]". But this might not
> be common enough to bother with.
IIRC, this is a case of verification explicitly disallowed by the RFCs,
because of NAT. A machine might think it's "10.10.10.10", but it could
be anything after it passes through NAT.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.roaringpenguin.com/pipermail/mimedefang/attachments/20070316/a56d2521/attachment.bin
More information about the MIMEDefang