[Mimedefang] Revisit: Filtering on HELO
les at futuresource.com
Fri Mar 23 08:03:31 EST 2007
Philip Prindeville wrote:
>> We check for localhost or 127.0.0.1
>> We check for our name.
>> We check for our IP address with/without ['s
>> We check for helo of friend
>> We check for helo where length < 3 or doesn't have dots.
> I would add to all that also checking that if the
> remote end says "HELO [x.x.x.x]", that the x.x.x.x
> really is the same as their $hostip (or whatever)
> and not some other address.
> A lot of hosts say "HELO 220.127.116.11" when their address
> is really 18.104.22.168.
> If they can't be trusted to figure out their own
> address, then they're probably pretty broken (and
> that includes being behind a NATing firewall as we
Many hosts are multi-homed and thus have more than one address. I don't
think mailers are required to match the HELO to the interface that
happens to be used for the connection. Also in the NAT case it may or
may not be possible for anyone to know the address that will be seen on
the other side.
lesmikesell at gmail.com
More information about the MIMEDefang