[Mimedefang] Revisit: Filtering on HELO

Jeff Rife mimedefang at nabs.net
Wed Mar 21 18:07:49 EDT 2007


On 16 Mar 2007 at 12:40, Jonas Eckerman wrote:

> Dirk the Daring wrote:
> 
> >     the SMTP client system does not have a meaningful domain name
> >     (e.g., when its address is dynamically allocated and no reverse
> >     mapping record is available), the client SHOULD send an address
> >     literal (see section 4.1.3), optionally followed by information
> 
> Note that that's a SHOULD and not a MUST.
> 
> I haven't read the complete RFC recently but nothing you quoted
> requires the address in HELO/EHLO to be a IP literal or a FQDN.

The part before your snip is where a FQDN is required (quoting RFC 
2821):

========================================================================
The domain name given in the EHLO command MUST BE either a primary host 
name (a domain name that resolves to an A RR) or, if the host has no 
name, an address literal as described in section 4.1.1.1.
========================================================================

The second part about the address literal is an option to allow 
machines without accurate DNS entries to more reliably send mail.  The 
idea being that sending an FQDN that doesn't resolve might get you 
blocked, while the address literal should not.

Basically, if it's not an address literal and you can't feed the HELO 
parameter to the following command and get a successful result, it's 
illegal and you can block based on it:

dig +nosearch $HELO


--
Jeff Rife | "Wheel of morality, 
          |  Turn, turn, turn. 
          |  Tell us the lesson 
          |  That we should learn" 
          |         -- Yakko, "Animaniacs" 





More information about the MIMEDefang mailing list