On Tue, 14 Nov 2006, Jon Grant wrote:
But the point is moot since a large portion of MTAs have garbage
for HELO name (e.g. "JUPITER"), so rejecting solely on bad HELO
is impractical.
That's a shame. Do you think if some ISPs or gmail.com started doing
Reject 55x for bad HELO there would be a shift overall?
Yes. And requiring a valid HELO makes CSV (which validates HELO) moot.
(As does checking SPF.) Many ISPs reject for missing rDNS - which
is often out of the control of a small domain owner. But they happily
accept garbage for HELO - which is *always* in the control of the
domain owner.
However, that would mean rejecting a majority of otherwise legitimate
email until some mail admins get their act together.
For some reason, when the friendly GUI email config program asks them
to enter the hostname of their mail server, they feel compelled to
make up something random .... sendmail at least defaults to using
the systems idea of the hostname for HELO.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735