Re: [Exim] AOL - SPF - and EXIM

Top Page
Delete this message
Reply to this message
Author: Mike Meredith
Date:  
To: exim-users
Subject: Re: [Exim] AOL - SPF - and EXIM
On Thu, 17 Jun 2004 09:56:26 -0400 (EDT), Richard Welty wrote:
> On Thu, 17 Jun 2004 08:40:01 -0400 David Brodbeck
> <DavidB@???> wrote:
> > I based that comment on this paragraph of RFC 2821, from section 4.1.4:
>
> >    An SMTP server MAY verify that the domain name parameter in the EHLO
> >    command actually corresponds to the IP address of the client.
> >    However, the server MUST NOT refuse to accept a message for this

                                                       ^^^^^^^

> >    reason if the verification fails: the information about verification
> >    failure is for logging and tracing only.

>
> and i've long wondered why that paragraph is in there, seeing as the
> RFC doesn't attempt to prescribe any other site security policies.


A bit further up in the RFC it says that a sending server MUST use the FQDN
or a bracketted IP address. Now if a server doesn't comply with that, surely
whatever it's sending is just random noise and can't be regarded as a
message ? Checking that the HELO/EHLO parameter matches the connecting IP
address is fraught with interesting difficulties (what if the DNS is
broken?), but obvious brokeness like a single word HELO/EHLO parameter or a
plain IP address (HELO a.b.c.d instead of HELO [a.b.c.d]) is a clear
indication that what's being sent isn't email according to the RFC.

I'm required to offer Internet mail as a service to my users. Not something
that looks like it, but isn't.

--
Mike Meredith, Senior Informatics Officer
University of Portsmouth: Hostmaster, Postmaster and Security
Most politicians think that "ethics" is a county in the south of England.