My question is what can I do, or tell my customers they can do to avoid this? I have added their IP address to the trusted IP Addresses page, but this is a large company with branch offices all over the country, so I'm sure they may have more than one mail server out there. Is it safe to not use Verify HELO/EHLO Domain?
Although a HELO/EHLO test makes for a very good spam test, it is a very bad one to block on (it is best used in a weighting system). I know of an organization with hundreds of branches through the country that fails this test. It just isn't something that mailserver admins take seriously yet. Over the past year or two, they've finally realized that having a reverse DNS entry isn't a security risk (OK, some still have that weird idea, but most no longer do), and have added reverse DNS entries. But valid HELO/EHLO isn't something that many mailserver admins yet care much about. To back it up, there is even an RFC that states that you cannot block mail just because of an invalid HELO/EHLO (I can't imagine *why* they would have specified that, though).
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000.
Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection.
Find out what you've been missing: Ask for a free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
