Re: [Exim] AOL - SPF - and EXIM

>From: "Alan J. Flavell" <a.flavell@???>
>To: Exim Users <exim-users@???>
>Subject: Re: [Exim] AOL - SPF - and EXIM
>Date: Thu, 10 Jun 2004 11:59:00 +0100 (BST)
>
>On Thu, 10 Jun 2004, Bruce Richardson wrote:

...

>> No matter. I am not going to stop rejecting incoming mail that
>> puts our domain name in the HELO parameter. The RFC really needs
>> to be updated.

Neither will I stop rejecting incoming mail that puts our domain
name in the HELO parameter. Or the name of one of the mail domains
we handle. Or badly configured clients that think they're called
"localhost", "localhost.localdomain" etc.

>The effect would be short-term anyway. If substantial amounts of
>spam were being rejected on the grounds of bad HELO domain - then
>the spammers would simply stop doing it. The rejection method
>only works for us because we're in a minority, is the truth of the
>matter, I'm afraid. Doesn't mean I'm not going to use it as long
>as it seems to be useful, though.

Agreed. However what we're doing here is trying to move ourselves
our of the target zone away from the coarse aim of spammers.
Currently a few simple measures can pay rich dividends. For
example, I fire an RFC1413 request at all connecting clients with a
20 second delay. Decent MTAs can tolerate this with ease. But my
logs tend to fill with lines such as:

2004-06-10 17:40:22 SMTP protocol violation: synchronization error (input sent without waiting for greeting): rejected connection from H=cpc1-lewi3-5-0-cust168.brom.cable.ntl.com [80.6.138.168]

as a result. Can't say I care too much about dialup/broadband/adsl
hosts that trip up this way.