Re: [Exim] AOL - SPF - and EXIM

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Richard Welty
Date:  
À: 'Exim User's Mailing List'
Sujet: Re: [Exim] AOL - SPF - and EXIM
On Thu, 17 Jun 2004 08:40:01 -0400 David Brodbeck <DavidB@???> wrote:
> > From: Greg A. Woods [mailto:woods@most.weird.com]


> > > RFC2821 doesn't allow for rejecting mail just because the IP
> > > does not verify.


> > Where-oh-where did you get that bogus idea from!?!?!?


> > No RFC can ever dictate site security policies!


> I based that comment on this paragraph of RFC 2821, from section 4.1.4:


>    An SMTP server MAY verify that the domain name parameter in the EHLO
>    command actually corresponds to the IP address of the client.
>    However, the server MUST NOT refuse to accept a message for this
>    reason if the verification fails: the information about verification
>    failure is for logging and tracing only.


and i've long wondered why that paragraph is in there, seeing as the
RFC doesn't attempt to prescribe any other site security policies.

i think it's very much out of place and obsolete.

richard
--
Richard Welty                                         rwelty@???
Averill Park Networking                                         518-573-7592
    Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security