[Mimedefang] $helo versus $ip
Lucas Albers
admin at cs.montana.edu
Tue Feb 3 03:48:26 EST 2004
Jack Olszewski said:
> Yes, I've followed that thread pretty closely. But I haven't seen any
> discussion of possible resolution of $helo in dns, with no regard to
> $name, and an attempt to match the result with $ip. That is why I've
> raised my question.
>
The rule I use is thus.
If it does not have a resolvable hostname, then match on first 3 octets of
machine or domain of hostname.
Then match machine with mx of domain. (event though the mx of the domain
is for accepting mail, not sending it.)
Then reject...
You don't get much return for this, a number of machines don't have decent
dns.
On many their hostname does not resolve to the domain their helo is claiming.
--luke
--
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana
More information about the MIMEDefang
mailing list