[Mimedefang] Regexp help
Cormack, Ken
Ken.Cormack at yrcw.com
Thu Feb 21 12:05:16 EST 2008
> > There really is no excuse for a private mail host advertising a
> > private IP address on a public connection.
>
> Nevertheless, the RFC's permit it. It's quite legal to do:
>
> HELO [192.168.1.1]
Sendmail normally does a pretty good job of figuring out how to identify
itself on the host it's running on, assuming it has a clean, fully qualified
host/domain, a good name resolution environment, and so on. And it's that
info that sendmail, by default, tries to use to identify itself with, in the
HELO. However, if the mail host sits behind a firewall that NAT's the
internal ip to an external one, and if the machine cant figure out it's own
name to use in the HELO, rather than an IP, or the machine has multiple
interfaces and happens to choose it's internal IP as it's primary interface,
or if the internal namespace isnt the one presented to the outside world,
you could end up with all kinds of things in the HELO.
It's usually helpful to recommend to those admins that they manually set
some of the following values in their sendmail.cf, to help sendmail identify
itself better to the outside world:
Cwlocalhost
...
# my official domain name
# ... define this only if sendmail cannot automatically determine
your domain
#Dj$w.Foo.COM
...
# $j=this host's cannonical name
#DjMYMACHINE.MYDOMAIN.COM
# $m=this host's subdomain name
DmMYDOMAIN.COM
And so on.
It may not be what we'd like to see, but it's really not at all uncommon to
see a reserved/private IP in the HELO.
Ken
More information about the MIMEDefang
mailing list