On 9 May 2004 at 10:45, Maykel Moya wrote about
"Re: [Exim] Relaxing DNS checks":
| > From: Fred Viles <fv+exim@???>
| > To: exim-users@???
| > Subject: Re: [Exim] Relaxing DNS checks
| > Date: Sat, 08 May 2004 22:19:49 -0700
| >
| > On 9 May 2004 at 0:03, Maykel Moya wrote about
| > "[Exim] Relaxing DNS checks":
| >
| > | Exim DNS checks are very restrictive. I just need to ensure that an A
| > | record exists for the incoming ip. How can I achieve that ?
| >
| > I'm not sure why you want to, but:
|
| I was checking with the normal lookups exim does with helo_verify_host.
|...
Which produces *way* too much collateral damage, as there are a
gazillion legitimate MTAs whose HELO name doesn't match thier rDNS
name (if one even exists, it's not required).
Understood. What I don't understand is what good you expect to come
from the test you asked about. In addition to being impossible to
perform, if you could perform it I think you would find there would
be pretty close to zero failures.
So I doubt you said what you really meant. I'd guess what you meant
is that you want to check whether the HELO name (as opposed to
"incoming IP") owns an A record with the correct IP, so I gave one
way to do that.
FWIW, you'll probably find even this test gives too many false
positives to use for rejection. What I do is introduce a 55 second
delay for unverified HELO names, which makes some spamware and a lot
of worms give up and go away.
- Fred
