Mark wrote:
The 'problem' with RFC-compliant HELO data is, of course, that,
officially, there's no other requirement than that HELO be a FQDN or an
address literal.
Section 3.6 of RFC 2821 states:
The domain name given in the EHLO command MUST be either a primary
host name (a domain name that resolves to an A RR) or, if the host
has no name, an address literal as described in section 4.1.1.1.
Nowhere is it written, in RFC-marble, that said HELO name actually
corresponds
with the connecting IP address. It makes a great deal of sense in doing so,
of
course; but the point being, that server operators can supply fully
RFC-compliant HELO data, and still be relatively free in their choice of
HELO
name.
Section 3.2 says, in addition,
In the EHLO command the host sending the command identifies itself
While that isn't a direct link to the IP in use, some people
feel that it isn't unreasonable to require a traceable coupling
between the IP and the HELO via DNS lookups (even if it takes more
than one lookup step) in order to enforce the 3.2 wording.
Cheers,
Jeremy
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=82239483-247417
Powered by Listbox: http://www.listbox.com