Re: [Exim] Trying to compare HELO data with actual host info…

Author: Greg A. Woods
Date:  
To: Marc MERLIN
CC: Exim List
Subject: Re: [Exim] Trying to compare HELO data with actual host info in a filter...
[ On Wednesday, September 19, 2001 at 12:54:26 (-0700), Marc MERLIN wrote: ]
> Subject: Re: [Exim] Trying to compare HELO data with actual host info in a filter...
>
> On Mon, Sep 17, 2001 at 04:40:06PM +0100, Alan Thew wrote:
> > The following type of thing happens all the time
> >
> > Received: from 209-187-167-231.hsacorp.net ([209.187.167.231]
> >     helo=hotmail.com)
> >
> > I would like to compare the actual rDNS data with the HELO info in the
> > specific case of hotmail.
>
> I don't recommend you do this though.
> Of course, Greg Woods wrote long mails to explain why it's good,


Ah, no, that's what I wrote about at all. I said almost NOTHING about rDNS!

Get your facts straight Marc!

(And fix your broken DNS too!!!!)

> Greg's setup rejects my mails because EHLO says magic.hdqt.valinux.com but
> the connection comes from nat-hdqt.valinux.com.


Yes. You are clearly violating paragraph one of RFC 1123 section 5.2.5.

Regardless of what paragraph two says I'm holding you to the rule in
paragraph one.

Oddly your site is one of very very few that have trouble sending me e-mail.
Most people manage to configure their mailers and DNS properly and
everything works fine.


> In other words, filtering on EHLO/HELO is typically bad news, you'll break
> some perfectly valid setups.


It only breaks broken setups. Your setup is not valid. You are clearly
violating the RFCs and hindering clear communications. It wouldn't be
so bad if you were running some off-in-the-corner commercial vendor
site, but no instead you're running the site hosting one of the more
central public forums on open source development. I would have thought
someone in our position would have the common courtesy to at least try
to correctly configure his systems so that


BTW your DNS setup is still broken too. Simple queries with a tool like
'host' point these out with glaring clarity. For example.

$ host -A mail.sourceforge.net
!!! mail.sourceforge.net address 216.136.171.198 maps to usw-sf-lists.sourceforge.net

$ host -A externalmx.VALINUX.COM
!!! externalmx.VALINUX.COM address 198.186.202.147 maps to panoramix.valinux.com


> (and since you don't know me, I'm very anal about people sending mail with
> correct headers: I have exim callbacks enabled, and also reject your mail if
> you don't have a postmaster account at your header and envelope sender
> domains)


You still have a lot to learn about what "correct headers" means, and
the difference between headers and the SMTP envelope.....

Your mailer is now so completely broken that I can't send e-mail at all
to your postmaster address, or to many of the lists hosted at
sourceforge. I've been trying to e-mail you about bounces I'm getting.

Have a look in your mail queue for this one:

   The message identifier is:     15jNUa-0004qE-00
   The subject of the message is: your internal mail delivery system is borked
   The date of the message is:    Sun, 16 Sep 2001 13:12:45 -0400 (EDT)


According to the bounces I've received in recent days the reason given
is:

    Delay reason: SMTP error from remote mailer after end of data:
    host mail.sourceforge.net [216.136.171.198]: 451-Envelope sender verification failed
    451 rejected: can't currently verify any sender in the header lines (envelope sender is <woods@???>). Are you sure your domain in From:
    and/or Reply-To: resolves from the internet (host -t MX domain) and can be connected back to for delivery of replies? - Failure is temporary, you can try again later



Clearly your own nameserver can in fact find records for my sender
address domain:

$ host -a proven.weird.com ns1.valinux.com
proven.weird.com        TXT     "unless it is proven, it can not be weird"
proven.weird.com        HINFO   "IBM-PC-325"    "NetBSD-current/i386"
proven.weird.com        MX      1 proven.weird.com
proven.weird.com        MX      10 becoming.weird.com
proven.weird.com        MX      100 mail.weird.com
proven.weird.com        A       204.92.254.15



Of course I don't know if your mailer is using one of your own published
nameservers or not......

-- 
                            Greg A. Woods


+1 416 218-0098      VE3TCP      <gwoods@???>     <woods@???>
Planix, Inc. <woods@???>;   Secrets of the Weird <woods@???>
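
Added example, not part of the original message: a sketch of the two checks this thread argues over, a HELO name compared with the connecting address, and the forward/reverse comparison behind the `host -A` warnings quoted above. The lookup tables are a constructed DNS snapshot; names and addresses quoted in the message are reused, while the 192.0.2.x and 198.51.100.x addresses, the missing record for magic.hdqt.valinux.com, and the function names are assumptions.

```python
import ipaddress

# Constructed DNS snapshot. Values quoted in the message are used as-is;
# 192.0.2.x / 198.51.100.x are made-up documentation addresses.
A_RECORDS = {
    "mail.sourceforge.net": ["216.136.171.198"],
    "209-187-167-231.hsacorp.net": ["209.187.167.231"],
    "hotmail.com": ["192.0.2.25"],              # constructed
    "nat-hdqt.valinux.com": ["198.51.100.10"],  # constructed
    # magic.hdqt.valinux.com: assumed to have no public A record
}
PTR_RECORDS = {
    "216.136.171.198": "usw-sf-lists.sourceforge.net",
    "209.187.167.231": "209-187-167-231.hsacorp.net",
    "198.51.100.10": "nat-hdqt.valinux.com",    # constructed
}

def norm(name):
    """Compare DNS names case-insensitively and without a trailing dot."""
    return name.strip().rstrip(".").lower()

def check_helo(helo, client_ip, a_records=A_RECORDS):
    """Classify a HELO/EHLO argument against the connecting address."""
    client = ipaddress.ip_address(client_ip)
    helo = norm(helo)
    if helo.startswith("[") and helo.endswith("]"):   # address literal
        try:
            literal = ipaddress.ip_address(helo[1:-1])
        except ValueError:
            return "invalid-literal"
        return "match" if literal == client else "mismatch"
    addrs = a_records.get(helo, [])
    if not addrs:
        return "unresolvable"
    if any(ipaddress.ip_address(a) == client for a in addrs):
        return "match"
    return "mismatch"

def reverse_mismatches(name, a_records=A_RECORDS, ptr_records=PTR_RECORDS):
    """Addresses of `name` whose PTR is missing or names a different host."""
    name = norm(name)
    out = []
    for addr in a_records.get(name, []):
        ptr = ptr_records.get(addr)
        if ptr is None or norm(ptr) != name:
            out.append((addr, ptr))
    return out

if __name__ == "__main__":
    print(check_helo("hotmail.com", "209.187.167.231"))
    print(reverse_mismatches("mail.sourceforge.net"))
```

A real deployment would replace the two dictionaries with resolver lookups and decide separately whether a verdict is logged, scored or used to reject.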