On 21 Oct 2004, at 21:48, Greg A. Woods wrote:
> [ On Thursday, October 21, 2004 at 18:25:28 (+0300), Stuart Gall
> wrote: ]
>> Subject: Re: [exim] hostname and HELO/EHLO response
>>
>>
>> It might be worth mentioning What RFC ?
>
> RFC 1123 5.2.5
>
> (note that the pending new RFC for SMTP, 2821, says very much the same,
> using approximately the same confusing and misleading wording, though
> of
> course RFC 1123 still prevails as the overall host requirements RFC)
>
>
>> Last RFC I read on SMTP said you are not supposed to reject on helo
>> what ever it contains.
>
> Then you did not quite read it 100% correctly. RFCs cannot dictate
> site
> policies.
Yes but read on .............
The sender-SMTP MUST ensure that the <domain> parameter in a
HELO command is a valid principal host domain name for the
client host. As a result, the receiver-SMTP will not have to
perform MX resolution on this name in order to validate the
HELO parameter.
The HELO receiver MAY verify that the HELO parameter really
RFC1123 MAIL -- SMTP & RFC-822 October 1989
corresponds to the IP address of the sender. However, the
receiver MUST NOT refuse to accept a message, even if the
sender's HELO command fails verification.
>
> What that section in the RFC does say is that a client "MUST" greet a
> server with its true and verifiable canonical hostname.
>
> (of course that RFC is self-contradictory and thus very misleading to
> those who do not first learn what RFCs can and cannot do)
>
> Nobody is forced to do that either -- and many sites will allow SMTP
> clients to lie about their hostname, or to use otherwise bogus or
> invalid hostnames.
Nobody is forced to do anything. I am just saying that the
administrator has configured their server
to tell people to read the RFC when they themselves are violating it.
>
> However the whole point is that if a sending site wants to maximize its
> ability to deliver mail to arbitrary third party domains then it "MUST"
> use its proper, verifiable, canonical, hostname. It's just like going
> to a meeting and lying about your name when you introduce yourself to
> anyone -- the result is not always going to be what you might hope for.
I dont believe anyone except a spammer would deliberately forge the
HELO but many sites have poorly configured servers
when an important client has a badly configured server no one wants to
hear from sysadmin that it is their fault :-(((
>
> (yes the IP address literal trick works most places too, but not
> everywhere)
>
> --
> Greg A. Woods
>
> +1 416 218-0098 VE3TCP RoboHack
> <woods@???>
> Planix, Inc. <woods@???> Secrets of the Weird
> <woods@???>
>
>
-------------------------------------------------------------------
Stuart Gall
Systems Administrator
-------------------------------------------------------------------
No user serviceable parts inside? Ill be the judge of that!
