Re: [exim] Hostnames

* on the Mon, Nov 06, 2006 at 10:27:45PM +0100, Steffen Heil wrote:

> Is there a valid reason for a mail server to connect to my mailserver from
> the same ip with different hostnames (as told in helo/ehlo)?
> I am thinking about blacklisting ips that tell me more then 3 hostnames from
> the same ip within less than 24 hours for about a week.
>
> Every legal mailserver I know always connects using the same helo name.
> But a lot of spammers connect multiple times using different helo names from
> the same ip.
>
> Any thoughts on this?

I run a system that behaves in the way you're describing, perfectly
legitimately. There are six smtp servers "behind" a load balancer
that works using LVS. The six smtp servers are on private lan ip's,
but all outgoing connections from them appear from the same single
ip address (NAT). They each have different hostnames starting
mail1-mail6.

Our customers can relay mail through this setup using ASMTP.

Mike