[Mimedefang] Rejecting forged senders - comments?
gmurray at webwayone.co.uk
Wed Sep 20 10:24:53 EDT 2006
John Rudd <john at rudd.cc> writes:
> From section 4.1.4 of RFC 2821:
> An SMTP server MAY verify that the domain name parameter in the EHLO
> command actually corresponds to the IP address of the client.
> However, the server MUST NOT refuse to accept a message for this
> reason if the verification fails: the information about verification
> failure is for logging and tracing only.
> You MUST NOT reject based on the presence of bogus host information in
> the HELO/EHLO command.
No, that is not what the section quoted says. It says that you MUST
NOT reject because the (E)HLO name does not map to the IP address of
the client. The MUST NOT applies ONLY to the specific situation of the
(E)HLO name not matching the IP address of the client, it does NOT
state that you may not reject for any other reason - including it
being bogus for some other reason.
More information about the MIMEDefang