> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of John Buysse > Sent: vrijdag 25 maart 2005 20:53 > To: mimedefang@lists.roaringpenguin.com > Subject: Re: [Mimedefang] OT: New Sendmail spam block > > > I am with one of the universities Ben is dealing with. I was quoting > RFC 2821, not RFC 821. We are not rejecting messages with an invalid > HELO command based on RFC 1123, as we are not verifying the the info > provided. We are rejecting messages with an invalid HELO > command based RFC 2821.
Then I would say you are doing a good thing. I do the same. :) > If a remote server uses one of our IP's in the HELO > command, our servers will reject the message. I also reject on every HELO name which is in class=w (sendmail), but connects with the wrong IP (including, but not limited, to addresses which resolve to 'localhost', but are not from 127.*). Very effective, too. A lot of spammers seem to think that you will somehow give them a passepartout if only they use your hostname for HELO. ;) That logic has always escaped me; for even if I were not monitoring HELO names, connecting with such faked, local HELO names means absolutely nothing to sendmail, in terms of giving out extra credit. All a spammer really does that way, is unequivocally announce and confirm his own status as a bonafide spammer. - Mark System Administrator Asarian-host.org --- "If you were supposed to understand it, we wouldn't call it code." - FedEx _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang