[Mimedefang] Revisit: Filtering on HELO

Richard Laager rlaager at wiktel.com
Fri Mar 16 14:21:42 EST 2007


On Fri, 2007-03-16 at 13:38 -0400, Joseph Brennan wrote:
> Those are solid, I agree, except as I was saying some with no dots
> are actually small-time organizations misled by Windows software.

Yes, you will have some false positives. In general, we provide an error
message in this case and let people contact us when things fail. I then
explain to them how to configure the hostname in the System control
panel, which without fail always has fixed the problem in the past.

> When the helo is an IP in [ ], it should be $RelayAddr in there.
> Not for example 86.98.53.231 saying "helo [213.42.21.56]" or
> 66.249.194.85 saying "helo [216.184.125.15]".  But this might not
> be common enough to bother with.

IIRC, this is a case of verification explicitly disallowed by the RFCs,
because of NAT. A machine might think it's "10.10.10.10", but it could
be anything after it passes through NAT.

Richard

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.roaringpenguin.com/pipermail/mimedefang/attachments/20070316/a56d2521/attachment.bin


More information about the MIMEDefang mailing list