Suresh Ramasubramanian wrote:
> Avleen Vig wrote:
> >
> > and, iirc, RFC says you shouldn't reject because of HELO data :-(
>
> I disagree. The RFC at most says you shouldn't 5xx right at HELO
> 5xx'ing at RCPT TO based on HELO data is a perfectly valid way to go.
The RFC says:
An SMTP server MAY verify that the domain name parameter in the EHLO
command actually corresponds to the IP address of the client.
However, the server MUST NOT refuse to accept a message for this
reason if the verification fails: the information about verification
failure is for logging and tracing only.
I'm not entirely sure if this permits rejections for other policy reasons,
e.g. bare IP addresses, unqualified domains, saying the receiver's name
instead of the sender's. The latter especially is very close to the
forbidden reason.
--
Tony Finch <dot@???>
http://dotat.at/
