[Mimedefang] Revisit: Filtering on HELO
Les Mikesell
les at futuresource.com
Mon Mar 26 00:16:56 EDT 2007
Philip Prindeville wrote:
>> And, since you can stop so much without ever violating the RFC on HELO,
>> why even bother? Tossing out non-FQDN, IP addresses (not address-
>> literals, but bare IPs), and hostnames/address literals that resolve to
>> non-routable IPs would leave you with almost nothing left that wouldn't
>> "verify".
>>
>
> Huh? You've just said that you can't toss out anything
> that comes from the HELO command, if you're arguing for
> strict compliance with RFC-1123, section 5.2.5.
You are allowed reject on syntax (bare hostname, invalid address
notation, etc.), just not on the name or IP not matching what you think
it should match.
> Again, I'm not understanding what you're saying. The one
> test that RFC-1123 sanctions is ensuring that the name
> is an FQDN that's resolvable... You're saying you don't
> make this test?
You are not allowed to reject if it doesn't resolve or if it resolves to
something other than what you expect so it is a waste of time to check.
As long as the syntax is correct for a FQDN or IP literal you might
as well move on to something else.
--
Les Mikesell
lesmikesell at gmail.com
More information about the MIMEDefang
mailing list