Thomas Jacob wrote: > > "matches the host name that Exim obtains by doing a reverse lookup of > the calling host address" > > so basically "a reverse lookup" has to be read as > "reverse lookup/lookup-again using Exim's host_lookup technique"? Hmm.
Yes. That's the meaning of "reverse lookup" everywhere it appears in the exim docs. I'm not sure if that's explicitly spelled out anywhere -- if not, perhaps it should be. Phillip? > I realise that technically speaking C) doesn't conform to > RFC 2821, but there seems to be a relevant number of legitimate > MTA's out there, that sends mail using an IP with a reverse lookupable > PTR > record, that points to their HELO string, which in turn points to > something stupid. > > And HELO-strings are worthless for IDing the true origin of > an email anyway, but the PTR records of the IPs of > compromised systems cannot easily be manipulated by spammers, > but of course, they could simply do a PTR lookup of > the spam zombie host and use that as a HELO string. That's an argument against rejecting on verify=helo, not an argument against relaxing the current reverse lookup behaviour. In general, rejecting on verify=helo is a bad idea for many more reasons than just incorrect reverse lookups. - Marc -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/