On Tue, 22 Jun 2004 13:47:04 -0500, Ryan Malayter wrote:
[Karl Prince]
Anyway moving on, the quality of HELO's is a major
issue, particularly from sites using Active Directory
and Exchange.
....
So I propose that FQDN HELO's ending in .local are not
processed, including the bounce scenario, (unless the
connecting IP is defined as local)
Fixing the external HELO name used by Windows & Exchange 2000/2003 SMTP
takes 30 seconds. Perhaps we should document this somewhere on the
"administrators guide" as a necessary step before publishing (if you run
Windows)?
I agree, a very good idea.
Also maybe as part of the setup testing, send an email to a
"test" email account (at pobox maybe), after jumping through a
few hoops for security, which then reports on all aspects of
the configuration.
This could warn of potential issues:
* No SPF record
* SPF record gives a FAIL
* SPF record is outrageous (+ALL, big IP range...)
* Lack of PTR records (or IP encoded PTR records).
* IP is designated as MTAMark=No
* IP is listed as DUL/DHCP in major RBL lists
* others based on policies of AOL etc...
However, back to .local, the problem will still apply to
domains not taking part in SPF, since if the sending MTA has has
a mydomain.local HELO which could potentially resolve in the
local DNS of a receiving MTA
----
Regards
Karl Prince
______________________________________________________________
Email via Mailtraq4Free from Enstar (www.mailtraqdirect.co.uk)