--"Stuart D. Gathman" <stuart(_at_)bmsi(_dot_)com> wrote:
On Mon, 13 Dec 2004, Alex van den Bogaerdt wrote:
RFC2821 allows rejection for various reasons. The only thing it
specifically forbids is you MUST NOT reject purely on the fact that
ptr(connecting ip address) != HELO.
Of course. But what about rejecting when
a(HELO name) != connecting ip address ?
Technically it's possible for the host to be coming to you via an IP that
it doesn't even know as belonging to it (like a mail server behind a NAT
that has an internal IP and shares the firewall IP for outside access).
If they *really* want to do that, they could get around it by programming
the mail server to HELO with the outside IP.
Personally, I see no reason to accept mail from a mail server that uses
HELO [ip]... I think the reasons for that were mostly historical and are
pretty much gone today. But that's a local policy decision and not an rfc
reason.
gregc
--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>