[Mimedefang] Non-routable addresses in HELO

John Rudd john at rudd.cc
Mon Jul 10 13:26:40 EDT 2006



On Jul 10, 2006, at 7:57 AM, Michael Lang wrote:

>
> On Mon, 2006-07-10 at 09:17 -0500, Jim McCullars wrote:
>>
>> On Sun, 9 Jul 2006, Dirk the Daring wrote:
>>
>>>      Obviously, if I have sending hosts on my network that really did have
>>> non-routable addresses, this would be a possible problem (although the simple
>>
>>    I just reject when someone sends an IP address as a HELO, and it is not
>> their actual IP address.  In filter_sender():
>
> I remember an exploit with negative integers as HELO name ... and as RFC
> 821 states
>
>  """This command is used to identify the sender-SMTP to the
>             receiver-SMTP.  The argument field contains the host name of
>             the sender-SMTP."""

If you're going to be a stickler about what the RFC says, in what you 
require about the sender, then it's probably a good idea to be a 
stickler about the RFC in how your server operates as well.  
Specifically, you may not refuse the message based upon the HELO 
argument.

My point being: Seems rather hypocritical to complain about the lack of 
merits of the client based upon lack of RFC compliance ... while 
advocating lack of RFC compliance in your server.



