I've seen connects that used our IP address as their HELO/EHLO strings. Same for using our domain name (none were able to deliver their mail, most were relay attempts).
Interesting list. I may add it, after reviewing some of the mailfrom characters (I see more and more "bad" mailfroms, most so they can track bounces, I would assume). Karen > -----Original Message----- > From: Bill Landry > > I agree with everything you have stated except, whitelisting you own IP > address is fine, since that is not tied to how the HELO is > presented by the > connecting mail server. The IP address of the connecting mail > server is not > something that would be trivial to forge (which again has nothing > to do with > the HELO string), and if you have setup you boarder router or firewall to > block spoofing attempts, then it becomes virtually impossible > that any other > system could connect using your own IP address (in fact, even if they did > connect to you with you own IP address, your system would think it was > talking to itself and would most likely not send anything back to the > connecting mail server). --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
