On Sun, 2 May 2004, Kjetil Torgrim Homme wrote:
> you are probably thinking of section 4.1.4, which is about much stricter
> checking:
>
> An SMTP server MAY verify that the domain name parameter in the EHLO
> command actually corresponds to the IP address of the client.
> However, the server MUST NOT refuse to accept a message for this
> reason if the verification fails: the information about verification
> failure is for logging and tracing only.
This issue has been discussed many times before!
Any MTA is entitled to apply some kind of acceptance policy, and tests
on the HELO/EHLO string could very well feature in that policy, no
matter what the RFC may say. We're just dealing with thousands of
cases where phishers send "HELO barclays.co.uk", and the body of the
mail asks the recipient to reveal their bank account details. I have
no hesitation in blocking these attempts, no matter what the RFC
thinks about it. In fact, now that I'm aware of the fraud, I would
probably be criminally negligent if I didn't try to block it, no
matter what the RFC might say.
