On Jan 5, 2008 2:50 PM, Mark
<<mailto:admin(_at_)asarian-host(_dot_)net>admin(_at_)asarian-host(_dot_)net> wrote:
That scrutiny is forcing server operators to provide RFC-compliant
HELO data that can in turn be checked with SPF.
The 'problem' with RFC-compliant HELO data is, of course, that,
officially, there's no other requirement than that HELO be a FQDN or an
address literal.
Which is a good thing, because it gives senders a lot of flexibility
to put whatever they want in that space. Senders who care will make
an effort to use a name which is easily authenticated. Senders who
continue to say "HELO this is Jupiter", we can ignore.
In my case - "ignore" == "blacklist". For instance, I have a filter on
my mailserver that checks HELO and blacklists any server that provides HELO
of the form -?[0-9]*. (regex - matches "-678243786234" and "12345".)
Very effective. Blocks a lot of spam from bots. I have yet to see a
false positive.
-dgl-
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=82236840-b29ff8
Powered by Listbox: http://www.listbox.com