Stuart D. Gathman wrote:
On Mon, 21 Nov 2005, wrote:
Stuart D. Gathman wrote:
This would be after the vast majority have been rejected due to
obviously forged HELO. Is that still useful?
Rejecting on HELO is RFC-questionable.
When it says "HELO bmsi.com", and it ain't one of my bmsi.com servers,
I'm going to reject it.
I'm not disagreeing with your decision to reject based on information you
receive in the HELO... what I am suggesting is that perhaps it would be batter
to wait for MAIL FROM phase to break the bad news
Something like:
Connection established
<- bmsi ESMTP banner
-> HELO bmsi.com
<- 2xx You're lying but I can't reject yet
-> MAIL FROM: <>
<- 5xx I'm fine with the <> but you lied about being bmsi.com
-> MAIL FROM: postmaster(_at_)example(_dot_)com
<- 5xx I'm fine with the <postmaster(_at_)example(_dot_)com> but you lied about
being bmsi.com
...
--
Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902
Hispanic Business Inc./HireDiversity.com Software Engineer
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com