Re: [Exim] Trying to compare HELO data with actual host info…

Author: Marc MERLIN
Date:  
To: Alan Thew
CC: Exim List
Subject: Re: [Exim] Trying to compare HELO data with actual host info in a filter...
On Mon, Sep 17, 2001 at 04:40:06PM +0100, Alan Thew wrote:
> The following type of thing happens all the time
>
> Received: from 209-187-167-231.hsacorp.net ([209.187.167.231]
>     helo=hotmail.com)
>
> I would like to compare the actual rDNS data with the HELO info in the
> specific case of hotmail.


I don't recommend you do this though.
Of course, Greg Woods wrote long mails to explain why it's good, in an
attempt to justify the overzealous mail bouncing he does (once in a while,
he Emails sourceforge to complain about something and his mail goes to
/dev/null since he bounces replies sent to him)

In my case, at work, I send mail from my workstation, behind a natted
router, and my machine says
EHLO magic.hdqt.valinux.com.
This is an internal domain that doesn't resolve and of course my mail and
envelope headers correctly say valinux.com.

Greg's setup rejects my mails because EHLO says magic.hdqt.valinux.com but
the connection comes from nat-hdqt.valinux.com.
I *could* modify my helo to say just "valinux.com" (although I prefer to
leave the helo intact to leave some trace of which internal natted host the
mail came from), but Greg would still reject it because his mail server
would whine that valinux.com != nat-hdqt.valinux.com.
I'm personally opposed to setting my EHLO to nat-hdqt.valinux.com, because
it's silly (especially if I send Emails in my internal domain) and
nat-hdqt.valinux.com doesn't have an MX anyway.

As others have said, it's Greg's right to bounce mail on whatever headers he
wants, and it's my right as a result to have all his mails to valinux.com
and sourceforge.net go to /dev/null (since I can't answer him) :-)

In other words, filtering on EHLO/HELO is typically bad news, you'll break
some perfectly valid setups.
(and since you don't know me, I'm very anal about people sending mail with
correct headers: I have exim callbacks enabled, and also reject your mail if
you don't have a postmaster account at your header and envelope sender
domains)

Marc
-- 
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking


Home page: http://marc.merlins.org/ | Finger marc_f@??? for PGP key
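
The two cases in this thread, as an added example that is not part of the original messages and is not Exim configuration: it parses the Exim-style Received line and contrasts a strict "HELO must equal rDNS" rule with a check limited to a protected domain such as hotmail.com. The function names, the `protected` list and the 192.0.2.10 address are assumptions made for illustration, and the rDNS name in the header is assumed to be one the receiving MTA already looked up.

```python
import re

# Exim-style Received line: "from <rDNS name> ([<ip>] helo=<HELO name>)"
RECEIVED_RE = re.compile(
    r"from\s+(?P<rdns>\S+)\s+\(\[(?P<ip>[0-9a-fA-F.:]+)\]\s+helo=(?P<helo>[^\s)]+)\)"
)

def parse_received(header):
    """Return (rdns, ip, helo) from an Exim-style Received header, or None."""
    m = RECEIVED_RE.search(" ".join(header.split()))  # unfold continuation lines
    if not m:
        return None
    # Lower-case and drop a trailing root dot so names compare consistently.
    return tuple(m.group(k).lower().rstrip(".") for k in ("rdns", "ip", "helo"))

def in_domain(host, domain):
    """True if host is the domain itself or a name underneath it."""
    return host == domain or host.endswith("." + domain)

def strict_mismatch(rdns, helo):
    """Strict rule: anything other than HELO == rDNS name is a mismatch."""
    return helo != rdns

def claimed_domain_mismatch(rdns, helo, protected):
    """Narrow rule: flag only a HELO inside a protected domain whose
    rDNS name lies outside that same domain."""
    return any(in_domain(helo, d) and not in_domain(rdns, d) for d in protected)

def evaluate(header, protected=("hotmail.com",)):
    """Apply both rules to one header; None if the header does not parse."""
    parsed = parse_received(header)
    if parsed is None:
        return None
    rdns, _ip, helo = parsed
    return {"rdns": rdns, "helo": helo,
            "strict": strict_mismatch(rdns, helo),
            "narrow": claimed_domain_mismatch(rdns, helo, protected)}

# Header quoted in the thread.
FORGED = ("Received: from 209-187-167-231.hsacorp.net ([209.187.167.231]\n"
          "    helo=hotmail.com)")
# Constructed from the hostnames in the reply; the IP is a documentation address.
NATTED = ("Received: from nat-hdqt.valinux.com ([192.0.2.10]\n"
          "    helo=magic.hdqt.valinux.com.)")

if __name__ == "__main__":
    for name, hdr in (("forged", FORGED), ("natted", NATTED)):
        print(name, evaluate(hdr))
```

The strict rule flags both headers, including the NATted workstation, while the narrow rule flags only the connection that claims hotmail.com from an unrelated network.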