Re: [Exim] forged HELO/EHLO addresses

On Mon, Nov 10, 2003 at 03:51:01PM -0000, Simon Bell said:
> What do the rfc's say about this? Is it required that an mta has a
> non-forged helo/ehlo and do rfc's allow a mail to be rejected for this
> reason?

At this point in spam wars, the exact verbage of the RFC's is a
non-issue. If someone connects to you and gives YOUR hostname or IP
address, it's obviously (IMHO) grounds for denial. Ditto for claims of
being yahoo or hotmail. Beyond that, I found very little checking of
HELO that doesn't cause some false positives. In fact, Exim (correctly)
denies host names with the underscore character - a check I found I had
to disable due to the massive number of clueless non-conforming sites
out there.

One other check I DO use, is deny ANY IP address used in a HELO, but
that has required me to whitelist certain clueless sites that use crappy
firewall / email proxy software.

There is no good excuse for any site to use an invalid HELO, but that
doesn't stop a HUGE number of sites from using them.