[Top] [All Lists]

Re: Strict RFC x821 Compliance: HELO/EHLO

2005-07-02 13:22:36

Follow up:

----- Original Message -----
From: "Hector Santos" <hsantos(_at_)santronics(_dot_)com>

In what sense is the handling of the HELO parameter
failing to "protect" the domain?

Because protection of your OWN domains has 100% trust behind it.

If you are going to have a strict syntax for the minor space issue on the
MAIL command which has no SMTP level correlation as a malicious
sender, then the HELO domain literal syntax RFC requirement which
does have a strong SMTP level correlation as a malicious sender (when
checking for local domain/ip spoofing) should be applied.

Valdis,  I just want to add that there are two issues here if one attempts
to add some level of enforcement:

    - Incorrect syntax (no brackets) but correct IP
    - Correct Syntax,  but incorrect IP

For the incorrect IP, the only issue I have come across here is with NATs,
Firewall, sending the wrong IP address. But it is strong Anti-Spoof detector
when the sender is using your IP address which is an attempt to simulate an
internal network router.

For the no brackets,  I found a few legacy software that did not provide the
brackets, but the IP was correct.

When (rarely) reported by customers, the latter (no brackets) is the more
common question on how to turn off the checking.    The NAT/FireWall issue
reports were corrected on their end as the more prefer way to go rather than
turning off the low level, low overhead local domain spoof detection.

Hector Santos, Santronics Software, Inc.

<Prev in Thread] Current Thread [Next in Thread>
  • Re: Strict RFC x821 Compliance: HELO/EHLO, Hector Santos <=