For the record, it is NOT an RFC violation for the EHLO name to differ from the name in the PTR record of the connecting IP.
On Nov 12, 2019, at 3:52 PM, Bill Cole <postfixlists-070...@billmail.scconsult.com> wrote:

Right and as was stated & I affirmed: it is explicit in RFC5321 S.4.1.4:

    An SMTP server MAY verify that the domain name argument in the EHLO command actually corresponds to the IP address of the client. However, if the verification fails, the server MUST NOT refuse to accept a message on that basis.

On 12.11.19 17:01, Viktor Dukhovni wrote:
The correct way to verify that would be to resolve the EHLO name to an address, NOT to resolve the address to a name. This would then find no anomalies with:

    Received: from ehlo.example (ptr.example [192.0.2.1])

when ehlo.example also resolves to 192.0.2.1.

I'm afraid this would have FPs too. Postfix supports reject_unknown_helo_hostname, which only requires ehlo.example to resolve. It's an even weaker requirement and has FPs too, but I consider this one just enough.

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
M$ Win's are shit, do not use it !
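
The three checks compared in this thread, side by side, as an added example that is not part of any poster's message or of Postfix itself. The function names and the DNS tables are constructed for illustration; the "resolves" check models the weakest requirement with address records only, and the results are signals to log or score, not grounds for refusal.

```python
import ipaddress

# Constructed DNS data (documentation addresses and .example names); no real lookups.
FORWARD = {
    "ehlo.example": ["192.0.2.1"],
    "ptr.example": ["192.0.2.1"],
    "elsewhere.example": ["198.51.100.7"],
}
REVERSE = {"192.0.2.1": "ptr.example"}


def _norm(name):
    """Lower-case a DNS name and drop a trailing root dot."""
    return name.lower().rstrip(".")


def ehlo_resolves(ehlo, forward=FORWARD):
    """Weakest check: the EHLO name resolves to at least one address."""
    return bool(forward.get(_norm(ehlo), []))


def ehlo_forward_matches(ehlo, client_ip, forward=FORWARD):
    """Forward check: one of the EHLO name's addresses is the client IP."""
    client = ipaddress.ip_address(client_ip)
    return any(ipaddress.ip_address(a) == client
               for a in forward.get(_norm(ehlo), []))


def ehlo_equals_ptr(ehlo, client_ip, reverse=REVERSE):
    """Reverse comparison: the client IP's PTR name equals the EHLO name."""
    ptr = reverse.get(str(ipaddress.ip_address(client_ip)))
    return ptr is not None and _norm(ptr) == _norm(ehlo)


def evaluate(ehlo, client_ip):
    """Run all three checks and return their outcomes as a dict."""
    return {
        "resolves": ehlo_resolves(ehlo),
        "forward_match": ehlo_forward_matches(ehlo, client_ip),
        "ptr_equal": ehlo_equals_ptr(ehlo, client_ip),
    }


if __name__ == "__main__":
    for name in ("ehlo.example", "elsewhere.example", "nonexistent.example"):
        print(name, evaluate(name, "192.0.2.1"))
```

For the `Received:` line quoted above, the forward check passes while the PTR comparison does not, which is the case where comparing against the PTR name would flag a legitimate client.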