[ On Friday, May 20, 2005 at 11:25:52 (+0100), Nigel Metheringham wrote: ] > Subject: Re: [exim] Bogus HELOs > > On Fri, 2005-05-20 at 10:58 +0100, Mark Smith wrote: > > Are there any *valid* reasons for a mailserver's HELO greeting not matching > > the hostname obtained from rDNS? > > Not really.
Indeed. :-) > However you are technically not allowed to reject based on > HELO strings Well, any mailer is _technically_ allowed to reject anything it wants for any reason(s) whatsoever. Nobody, least of all the IETF and/or any RFC author, can force a site to receive mail they don't want. > and if you require HELO and reverse DNS to match you will > have a very quiet life unless your users object to losing a lot of > otherwise valid mail. Mark keep in mind that the actual requirement is that the HELO/EHLO parmeter _MUST_ resolve to an A record which gives the address the client is connecting from. Whether or not the reverse DNS (PTR for that address) is also required to resolve to a matching hostname is an entirely separate issue, i.e. whether or not you think it should depends more upon how well you trust the DNS and how well you think the reverse DNS can be used to authenticate hostnames. -- Greg A. Woods H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <[EMAIL PROTECTED]> Planix, Inc. <[EMAIL PROTECTED]> Secrets of the Weird <[EMAIL PROTECTED]> -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/