[Mimedefang] Revisit: Filtering on HELO
Jeff Rife
mimedefang at nabs.net
Wed Mar 21 18:07:49 EDT 2007
On 16 Mar 2007 at 12:40, Jonas Eckerman wrote:
> Dirk the Daring wrote:
>
> > the SMTP client system does not have a meaningful domain name
> > (e.g., when its address is dynamically allocated and no reverse
> > mapping record is available), the client SHOULD send an address
> > literal (see section 4.1.3), optionally followed by information
>
> Note that that's a SHOULD and not a MUST.
>
> I haven't read the complete RFC recently but nothing you quoted
> requires the address in HELO/EHLO to be a IP literal or a FQDN.
The part before your snip is where a FQDN is required (quoting RFC
2821):
========================================================================
The domain name given in the EHLO command MUST BE either a primary host
name (a domain name that resolves to an A RR) or, if the host has no
name, an address literal as described in section 4.1.1.1.
========================================================================
The second part about the address literal is an option to allow
machines without accurate DNS entries to more reliably send mail. The
idea being that sending an FQDN that doesn't resolve might get you
blocked, while the address literal should not.
Basically, if it's not an address literal and you can't feed the HELO
parameter to the following command and get a successful result, it's
illegal and you can block based on it:
dig +nosearch $HELO
--
Jeff Rife | "Wheel of morality,
| Turn, turn, turn.
| Tell us the lesson
| That we should learn"
| -- Yakko, "Animaniacs"
More information about the MIMEDefang
mailing list