On Thu, Jun 10, 2004 at 09:19:13AM +0100, Tony Finch wrote:
> Suresh Ramasubramanian wrote:
> > Avleen Vig wrote:
> > >
> > > and, iirc, RFC says you shouldn't reject because of HELO data :-(
> >
> > I disagree. The RFC at most says you shouldn't 5xx right at HELO
> > 5xx'ing at RCPT TO based on HELO data is a perfectly valid way to go.
>
> The RFC says:
>
> An SMTP server MAY verify that the domain name parameter in the EHLO
> command actually corresponds to the IP address of the client.
> However, the server MUST NOT refuse to accept a message for this
> reason if the verification fails: the information about verification
> failure is for logging and tracing only.
And it doesn't say "MUST NOT reject at the EHLO stage", it says "MUST
NOT refuse to accept a message" which means that those of us who reject
at RCPT TO because of something in the HELO greeting are being naughty.
No matter. I am not going to stop rejecting incoming mail that puts our
domain name in the HELO parameter. The RFC really needs to be updated.
--
Bruce
I see a mouse. Where? There, on the stair. And its clumsy wooden
footwear makes it easy to trap and kill. -- Harry Hill