[Mimedefang] Re: Stopping bogus Domain in HELO (James Ebright)

[Matthew.van.Eerde at hbinc.com]

Dirk wrote:
>> From: "James Ebright" <jebright at esisnet.com>
>> 
>> On Mon, 20 Jun 2005 12:50:59 -0400 (EDT), Dirk the Daring wrote
>> 
>>>    "lh" is an obviously fake hostname. How would I go about
>>> requiring a HELO, if an IP address in brackets is not given, to have
>>> a resolvable FQDN?
>> 
>> The problem with blocking on this is you will end up blocking alot of
>> legitimate email as well, some MTAs and most MUAs send pretty much
>> whatever they feel like for a helo string. One very popular one uses
>> the username as the helo string......
> 
>    Well, this is a relay server. No MUAs should be talking to it
> directly, so it doesn't matter if popular MUAs are this stupid, they
> shouldn't be talking to this server in the first place.
> 
>    As for MTAs that are this stupid.... hmmmm. Which ones?

The problem comes from MTAs that only know their hostname and not their domain.  This is more common than it probably should be.  Some MTAs will misreport their IP address if they're behind a NAT (they'll report their private IP and not their public IP)

-- 
Matthew.van.Eerde (at) hbinc.com                 805.964.4554 x902
Hispanic Business Inc./HireDiversity.com         Software Engineer
perl -e"map{y/a-z/l-za-k/;print}shift" "Jjhi pcdiwtg Ptga wprztg,"