On Tue, 11 Jan 2005, Alan J. Flavell wrote:
> On Mon, 10 Jan 2005, Tony Finch wrote:
>
> > Nevertheless, 1/3 of legitimate senders have broken HELOs
>
> That depends on your definitions of "legitimate" and "broken".
By "legitimate" I mean not spammers or viruses.
By "broken" I mean that the stated HELO name does not resolve to an IP
address list which includes the client's IP address. (This is slightly
weaker than Exim's verify=helo check.)
> > (whether hostnames or IP addresses)
>
> Could you be a bit more definite about the rating criteria that you
> used to come up with this figure, please?
http://www.livejournal.com/users/fanf/30030.html
I haven't done a detailed analysis of IP literal HELO names, but a quick
glance confirms that they are used by some sites that appear to be
legitimate, and a significant proportion of these sites state the wrong IP
address.
Tony.
--
f.a.n.finch <dot@???>
http://dotat.at/
EAST CENTRAL SECTION: IN NORTH, CYCLONIC 7 TO SEVERE GALE 9, BUT STORM 10 TO
HURRICANE FORCE 12 IN EAST AT FIRST, BECOMING WEST 7 TO SEVERE GALE 9,
DECREASING 5 OR 6 IN WEST LATER. RAIN OR SHOWERS. GOOD FALLING MODERATE OR
POOR FOR A TIME. IN SOUTH, WEST 6 TO GALE 8, DECREASING 4 OR 5. SHOWERS
EASING. GOOD.
