Two other users replied to your question. For real-world mail servers, my experience is that the only safe restriction (safe = no false positives) is "reject_unknown_reverse_client_hostname".

Irrelevant to HELO argument filtering.

On 18.11.19 18:10, Gregory Heytings wrote:
Relevant to rejecting emails. Perhaps I should have written "the only safe reject restriction at that stage of the SMTP session". Once again, the string that follows HELO/EHLO is purely informational, it should not be used for filtering purpose.

Incorrect, content of helo might be safely used for filtering purposes.
hosts pretending to be you are safe to be rejected.

The OP asked "is it safe", without explaining what "safe" means for him. For me it means "safe in general", in particular for servers handling large amounts of email.

Care must be taken about what is being rejected.

Examples are bogus or invalid helo (reject_invalid_helo_hostname,
reject_non_fqdn_helo_hostname), helo pointing to nonexistent hostname
(reject_unknown_helo_hostname) helo pretending to be the destination
domain/server (put your server name and IP here) and some others
("hotmail.com" hlo was common for spambots some time ago).

Rejecting mail is a far better choice than delivering to a 'spam box' since most users never bother looking there for anything. Rejections at least stand some chance of making enough noise on the sender side to get misconfigurations fixed.

IMO this is naive. As Kris Deugau wrote in most cases nobody ever looks at that noise, your users will just not receive their email.

A common answer to this is that the sender was supposed to get
error message. Since the message might be rejected anywhere between sender
and recipient, it's usually a must.

And for the particular question of the OP ("HELO <ip address>") there is not even a reason to consider that it is a "misconfiguration", given that what you call a "misconfiguration" is explicitly permitted by the standards. I agree with you that "there are no RFC police". But the purpose of RFCs is cooperation.

It is true indeed that most users do not look at their spam folder, but they can (and should) be educated to do so, given that every spam filtering system I know of has false positives.

If you want to receive any possible spam and send them to spam folder, it's
completely up to you. Just note that people with too many spams in spam folder
may start ignoring it and complain...

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
On the other hand, you have different fingers.

Reply via email to