On Tue, 5 Jul 2005, william(at)elan.net wrote:
I'm curious if CSV considered situations where HELO/EHLO has dns A
record that properly matches ip address if SMTP Client? This appears to
provide same kind of verification that EHLO name is true and being used
by appropriate client as what CSV is trying to do.
No it doesn't: it provides authentication, not authorization. Most of the
hosts on my network have correct DNS but only a tiny fraction of them are
authorized to act as SMTP clients. CSA would say forbidden (if I had
finished depluing it) but your simple check would say OK.
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR
GOOD.