Nigel Metheringham wrote:
>
> Personally I don't consider HELO worth checking at all other than the
> common spam case (HELO is my name, or HELO is my IP)
>
as well as this one -.
HELO = LHS of RCPT TO (helo Nigel.Metheringham and rcpt to you)
> You have just re-invented SPF except without the degree of thought and
> design that has gone into SPF. You could implement your policy using
> SPF but you need to be aware that until the whole internet is fully SPF
Oh, it is a lot more ad hoc but helo filtering does work if done
carefully. I'd almost call it HPF / helo permitted from except that it
is empirical and ad hoc in its nature, and does tend to produce a few
false positives (such as msn / hotmail sometimes emitting mail from
servers with an internal domain in the helo [something].phx.gbl)
srs
