On Tuesday 22 June 2004 14:09, Karl Prince wrote:
Fixing the external HELO name used by Windows & Exchange 2000/2003 SMTP
takes 30 seconds. Perhaps we should document this somewhere on the
"administrators guide" as a necessary step before publishing (if you run
Windows)?
I agree, a very good idea.
Vehemently (sp?) agree!!!!
Also maybe as part of the setup testing, send an email to a
"test" email account (at pobox maybe), after jumping through a
few hoops for security, which then reports on all aspects of
the configuration.
This could warn of potential issues:
* No SPF record
* SPF record gives a FAIL
* SPF record is outrageous (+ALL, big IP range...)
* Lack of PTR records (or IP encoded PTR records).
* IP is designated as MTAMark=No
* IP is listed as DUL/DHCP in major RBL lists
* others based on policies of AOL etc...
Actually - that is an absolutely "super" idea reglarless of Exchange or not -
eg for anyone hoping/working/thinking about doing SPF - or any of the
proposed/discussed/thought-about variations - to have an email address
someplace you can send a message and have it (the remote system) send you a
message back with all the "particulars" of your/your domains/servers
configuration particulars. Very much like Dnsreports but email based.
However, back to .local, the problem will still apply to
domains not taking part in SPF, since if the sending MTA has has
a mydomain.local HELO which could potentially resolve in the
local DNS of a receiving MTA
Yep, have had a "patch" here locally for a domain/customer who's Exchange
server is "mis-configured" that way (local.domain) so they can send mail
through us since just about everyone else in the world refuses their
connection.
--
Larry Smith
SysAd ECSIS.NET
sysad(_at_)ecsis(_dot_)net