On Thu, 22 Mar 2007, John C Klensin wrote:
Section 4.1.4, paragraph 6 (starting "An SMTP server MAY verify...")
discusses the use and validation of the domain name value in EHLO or
HELO. It has been suggested that this discussion be strengthened by a
discussion of the conditions under which rejection for a bad EHLO
argument might be permitted.
I think that would be a mistake. That MUST NOT has for years now been
ignored in practice, because the HELO domain can provide a really good
ratware signature - over the last couple of years our conservative HELO
checks have dealt with 10-20% of junk, and some postmasters are much more
aggressive than us. Rather than adding text to further weaken the
requirement, I think it would be better to downgrade it to a SHOULD NOT
and avoid discussion of anti-spam considerations that are likely to have a
limited shelf life. (Our HELO checks are down to 5-10% of junk since
December - see also Justin Mason on the lifetime of anti-spam techniques:
ttp://taint.org/2005/08/06/024026a.html).
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
ROCKALL: NORTHWEST VEERING NORTHEAST 4 OR 5, OCCASIONALLY 6. MODERATE.
SHOWERS. GOOD.