Paul Smith wrote:
Not sure I understand that.
It is totally valid to do:
EHLO mail.spammer.com
MAIL FROM:<[email protected]>
The EHLO name bears no resemblance to the sender's email address. Doing
an SPF on the EHLO name is pointless, as all that tells you is that the
sending host is 'mail.spammer.com'.
hmmmmm, if an incoming client issues
EHLO mail.winserver.com
which is our domain and its not part of our IP network, its a clear
LMAP DOMAIN::IP violation, thus rejectable with 100% no false
positions (or true negatives depending on your POV).
I would hope other remote systems would help themselves by using the
expose information we provide for client machine::IP associations.
--
Sincerely
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
