[Mimedefang] Revisit: Filtering on HELO

John Rudd john at rudd.cc
Mon Mar 26 14:23:36 EDT 2007


Philip Prindeville wrote:

> Web farms, VMware, etc. all throw whatever assumptions
> we had about multi-homing out the window.

Not when it comes to the HELO/EHLO name.

A very good reason for paying attention to the RFC prohibition on "not 
rejecting a message due to mismatch between HELO/EHLO name and DNS name" 
is exactly because of virtual hosts and virtual domains.

The correct solution is (always) for the _SERVER_ (recipient) to obey RFCs.

The client sends one of your own names or bracketed IP addresses as its 
HELO name?  Sure, reject that.

The client sends a non-bracketed IP address as its HELO name?  Sure, 
reject that.

The client sends some other name, that may or may not match the PTR 
record for the IP address of the socket?  Or sends a bracketed IP address 
that doesn't match the IP address of the socket?  Accept it (and 
possibly let SpamAssassin mark it up, or add a header that points out 
the problem).
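
The three cases above as a standalone Python sketch, added as an example and not part of the original message or of MIMEDefang. `helo_policy`, `MY_NAMES`, `MY_IPS` and the sample addresses are hypothetical, and the returned note stands in for whatever header or SpamAssassin rule would record a mismatch.

```python
import ipaddress

# Constructed sample values standing in for the receiving server's own identity.
MY_NAMES = {"mx.example.org", "example.org"}
MY_IPS = {ipaddress.ip_address("192.0.2.25")}

def parse_literal(helo):
    """Return the address inside [1.2.3.4] or [IPv6:...], or None if not a literal."""
    if not (helo.startswith("[") and helo.endswith("]")):
        return None
    body = helo[1:-1]
    if body.lower().startswith("ipv6:"):
        body = body[5:]
    try:
        return ipaddress.ip_address(body)
    except ValueError:
        return None

def is_bare_ip(helo):
    """True when the HELO argument is an IP address without brackets."""
    try:
        ipaddress.ip_address(helo)
        return True
    except ValueError:
        return False

def norm(name):
    return name.rstrip(".").lower()

def helo_policy(helo, socket_ip, ptr_name=None):
    """Return (action, note). Mismatches are accepted; the note is for tagging only."""
    helo = helo.strip()
    peer = ipaddress.ip_address(socket_ip)
    literal = parse_literal(helo)
    # Case 1: the client claims to be us, by name or by bracketed address.
    if norm(helo) in MY_NAMES:
        return ("reject", "HELO uses one of our own names")
    if literal is not None and literal in MY_IPS:
        return ("reject", "HELO uses our own address literal")
    # Case 2: an IP address without brackets is not a valid HELO argument.
    if is_bare_ip(helo):
        return ("reject", "HELO is a non-bracketed IP address")
    # Case 3: anything else is accepted; a mismatch only produces a note.
    if literal is not None and literal != peer:
        return ("accept", "address literal does not match socket address")
    if literal is None and ptr_name is not None and norm(helo) != norm(ptr_name):
        return ("accept", "HELO name does not match PTR name")
    return ("accept", None)
```
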




