Re: [exim] check_helo_slow?

Top Page
Delete this message
Reply to this message
Author: Tony Finch
Date:  
To: Alan J. Flavell
CC: Exim users list
Subject: Re: [exim] check_helo_slow?
On Tue, 11 Jan 2005, Alan J. Flavell wrote:
> On Mon, 10 Jan 2005, Tony Finch wrote:
>
> > Nevertheless, 1/3 of legitimate senders have broken HELOs
>
> That depends on your definitions of "legitimate" and "broken".


By "legitimate" I mean not spammers or viruses.

By "broken" I mean that the stated HELO name does not resolve to an IP
address list which includes the client's IP address. (This is slightly
weaker than Exim's verify=helo check.)

> > (whether hostnames or IP addresses)
>
> Could you be a bit more definite about the rating criteria that you
> used to come up with this figure, please?


http://www.livejournal.com/users/fanf/30030.html

I haven't done a detailed analysis of IP literal HELO names, but a quick
glance confirms that they are used by some sites that appear to be
legitimate, and a significant proportion of these sites state the wrong IP
address.

Tony.
--
f.a.n.finch <dot@???> http://dotat.at/
EAST CENTRAL SECTION: IN NORTH, CYCLONIC 7 TO SEVERE GALE 9, BUT STORM 10 TO
HURRICANE FORCE 12 IN EAST AT FIRST, BECOMING WEST 7 TO SEVERE GALE 9,
DECREASING 5 OR 6 IN WEST LATER. RAIN OR SHOWERS. GOOD FALLING MODERATE OR
POOR FOR A TIME. IN SOUTH, WEST 6 TO GALE 8, DECREASING 4 OR 5. SHOWERS
EASING. GOOD.