----- Original Message -----
From: "william(at)elan.net" <william(_at_)elan(_dot_)net>
The point is to remember what standard specs say and
not give in and allow for incorrect behavior just because
one large vendor says so.
I agree. I'm all for strict compliancy. Including myself.
However, if a server is less strict (in regards to the MAIL FROM:sp) which
is a long time legacy issue, and allows for non-compliant behavior, does
this make this just as non-compliant?
I mean, I can see the http://www.DNSREPORT.com people adding a check for
this kind of strict testing. It would be useful.
But I mean, your own server at elan.net didn't bother to validate the domain
literal.
220 sokol.elan.net ESMTP Sendmail 8.13.1/8.13.1;
Thu, 30 Jun 2005 05:45:42 -0700
helo [216.151.192.200]
250 sokol.elan.net Hello adsl-10-44-25.mia.bellsouth.net
[65.10.44.25], pleased to meet you
which is typically an illegal syntax due to being a spoof.
nor does check for a client domain local domain spoof as well:
220 sokol.elan.net ESMTP Sendmail 8.13.1/8.13.1;
Thu, 30 Jun 2005 05:47:43 -0700
helo mail.elan.net
250 sokol.elan.net Hello adsl-10-44-25.mia.bellsouth.net
[65.10.44.25], pleased to meet you
Again, another RFC violation because its not support to be your domain there
with my machine as the client.
So how far will we go with this?
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com