[Mimedefang] Regexp help

Joseph Brennan brennan at columbia.edu
Thu Feb 21 12:20:55 EST 2008


"Cormack, Ken" <Ken.Cormack at yrcw.com> wrote:

>> > There really is no excuse for a private mail host advertising a
>> > private IP address on a public connection.
>>
>> Nevertheless, the RFC's permit it.  It's quite legal to do:
>>
>> HELO [192.168.1.1]
>
> Sendmail normally does a pretty good job of figuring out how to identify
> itself on the host it's running on,


Yes yes, but of course this is always Exchange, which has funny ideas
about concepts like "hostname".

Aside from that I think in one instance there were two gateways and
the mail server could not control which one each outbound connection
went through.  Something like a load balancer.  So it could not say
which gateway hostname to pretend to be in the helo.

Let's remember the purpose of the exercise is to distinguish spam from
legit, not to be the RFC police.  When I see more spammers than legit
sites doing "HELO [192.168.1.1]" then I'll reconsider the configuration
we use.  The exception causes minimal to no damage.  There are other
filtering hurdles to pass through.

Joseph Brennan
Columbia University Information Technology





More information about the MIMEDefang mailing list