On Thu, 21 Aug 1997, John Henders wrote:
> I know there's been discussion of the perils of validating connections
> on the basis of dns mismatch, but I think it would be a good idea if
> exim could at least be set to check on an outside machine claiming to be
> the mail host exim is running on itself. I've seen several auto-spam
> programs now that seem to be set to claim to be the machine they are
> connecting, as a sneaky way of avoiding blocking lists.
RFC 821 specifically forbids refusal of mail on the basis of what the
sending host sends in the HELO/EHLO command. However, you can get Exim
to check it. Just set the helo_verify_hosts or helo_verify_nets option.
Perhaps it should always do this if the outside host claims to be the
host Exim is running on, or one of its local domains. Idea noted.
--
Philip Hazel University Computing Service,
ph10@??? New Museums Site, Cambridge CB2 3QG,
P.Hazel@??? England. Phone: +44 1223 334714
