Jeremy wrote:
Section 3.2 says, in addition,
In the EHLO command the host sending the command identifies itself
While that isn't a direct link to the IP in use, some people
feel that it isn't unreasonable to require a traceable coupling
between the IP and the HELO via DNS lookups (even if it takes more
than one lookup step) in order to enforce the 3.2 wording.
Agreed. But I'd also like to draw your attention to RFC 2821 4.1.4,
Paragraph 6
4.1.4 Order of Commands [paragraph 6]:
An SMTP server MAY verify that the domain name parameter in the EHLO
command actually corresponds to the IP address of the client.
However, the server MUST NOT refuse to accept a message for this
reason if the verification fails: the information about verification
failure is for logging and tracing only.
The forbidding MUST NOT leaves little room for interpretation.
Don't get me wrong, though, I'm all for HELO checking, and I personally do
a LOT of it. But all under the heading of: "My MTA, my rules." :)
But my 'objections' were more to Don's scrutiny to force server operators
"to provide RFC-compliant HELO data," in the pointing out that when it
comes to RFCs, to-date they still offer more space to maneouvre in than
perhaps we'd like to see.
- Mark
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=82249041-390ffa
Powered by Listbox: http://www.listbox.com