ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: 7. BCP - Mail Administrators: Checking HELO (was: [Asrg] 0. General - Administrative - for M. Wild)

2003-09-02 14:29:45
from [Brad Knowles] [Permanent Link] 
At 12:55 AM -0400 2003/09/01, waltdnes(_at_)waltdnes(_dot_)org wrote:


   That point is moot... because if you're sending direct to the remote
 MX from a dynamic IP address, there'll be a helluva lot more machines
 rejecting you for being on a dynamic address than those worrying about
 a syntactically correct HELO.  IOW, your mail is a lot more likely to
 be accepted with an incorrect HELO from a static IP address.
This is irrelevant. The point was what you check in the {HE|EH}LO and on what basis you reject if there is some sort of failure, not where the IP address may be from. After all, it could easily be coming from a dynamic IP address assignment that is not known to the appropriate RBLs. 


   How about total lack of rDNS ?  I block on that, not on mismatching
 rDNS.
Can you be sure? If Dean Anderson were to send you a mail message from his mis-configured machines in av8.com (e.g., concorde.av8.net -> 130.105.11.50 -> relay1.av8.net, or concorde.av8.com -> 130.105.11.3 -> concorde.av8.net -> 130.105.11.50 & 130.105.11.3), would you accept or reject that message on the basis of the way he has reverse DNS set up? What method have you used to ensure that this is the case?
I ask this because the postfix option of reject_unknown_client will reject a connection for either non-existent rDNS or incorrect rDNS. Many IP addresses will have essentially useless rDNS defined for them by their ISP, even if the person using that IP address is totally unaware of this fact. Are you sure that your code (or sendmail itself) doesn't do the same? 

--
Brad Knowles, <brad(_dot_)knowles(_at_)skynet(_dot_)be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
    -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Asrg] More useless stats, Eric Dean
Next by Date:  Re: 7. BCP - Mail Administrators: Checking HELO (was: [Asrg] 0. General - Administrative - for M. Wild), waltdnes
Previous by Thread:  Re: 7. BCP - Mail Administrators: Checking HELO (was: [Asrg] 0. General - Administrative - for M. Wild), waltdnes
Next by Thread:  Re: 7. BCP - Mail Administrators: Checking HELO (was: [Asrg] 0. General - Administrative - for M. Wild), waltdnes
Indexes:  [Date] [Thread] [Top] [All Lists]