Re: [Exim] use of _ in HELO... again

Página Inicial
Delete this message
Reply to this message
Autor: Wakko Warner
Data:  
Para: Kevin Reed
CC: exim-users
Assunto: Re: [Exim] use of _ in HELO... again
> > Anyone have any thoughts of how to combat stupid management?
>
> I ran into this with a division which had a lot of clout and who basically
> told us that they were unable to correct their applications because....
>
> o They had been working as they have for more than 2-1/2 years already so
> what was the big deal.


This is what management here is telling me. He does not want to contact the
offending party just to hear this kind of excuse and will not do so.

> This was causing me problems because I didn't want to allow broken headers
> in a new system and up until a day or two ago, I didn't know how to get
> around the problem...
>
> I did however come up with a polite, politically correct and to the point
> method of combating this however...
>
> The current outbreaks of viruses did the trick for me. I pointed out to
> management that though the use of checking for valid headers, we were able
> to significantly reduce the number of attempted injections of viruses into
> the network which would reduce greatly the amount of mail that spent time in
> virus checking and in some cases eliminated any virus problem at all. Many
> viruses use syntactically invalid headers... Double Dashes in the time zone
> is a good example, inbound IP's without valid rDNS is another.


I try this (I've worked here for over 5 years and I know how they work) and
they're going to say "That's why we use virus scanning". I said something
about spam which is quite annoying here. Blocking saves bandwidth. Their
reaction "Spams are small". Don't get me wrong, I do block spams here, but
not as agressively as I used to. They don't want me to maintain any lists.

> The amount of time being spent combating viruses lately has been a big red
> flag to management. With as big a company we are, it is a huge problem
> that some divisions have still not conquered yet with a number of key
> personnel being pulled away from separation projects to deal with the
> issues.


Sobig was a good one for us. 250 emails in the past 3 days contained sobig.
All caught by the virus scanner. I said I could stop them by checking their
HELO strings. Answer "Don't bother".

> We are not complaining about broken HELO's however. Just the rest of the
> headers. But I think you could make the argument the same way. Something
> that I might try after the split when we are much smaller and our resources
> will be much more limited.


Actually, I am =)
Funny thing is, the virii out there don't use _ in HELO names (none that
I've seen yet) or people just don't generally put an _ in their computer
name.

--
Lab tests show that use of micro$oft causes cancer in lab animals