On Thu, 2004-04-22 at 16:12, Stuart D. Gathman wrote:
2525 were rejected because of HELO failing the SPF check. Of these,
2419 used a HELO with my own domain, and 106 used a HELO with other
domains. (So just rejecting your own domains from external servers
gets most of the benefit - but SPF generalizes the check and eliminates a
configuration item.)
Obviously you need to be careful about exactly what your mail server is
intended for when designing your tests.
For example, although HELO <mailserver domain> is a damn good indicator
of bad stuff, its also used by some MUAs - in particular
Mozilla/Thunderbird. Obviously you would use authenticated SMTP (maybe
MSA) for a remote client talking to your mail server, and the rules for
an authenticated client should be rather different....
[Not a criticism of the figures in this - just a point that needs to be
kept in mind]
Nigel.
--
[ Nigel Metheringham
Nigel(_dot_)Metheringham(_at_)InTechnology(_dot_)co(_dot_)uk ]
[ - Comments in this message are my own and not ITO opinion/policy - ]