Author: Marc Perkel Date: To: exim-users Subject: Re: [exim] Paging Marc Perkel: rDNS on junkemailfilter.com checking
host(s)
Jakob Hirsch wrote: > Quoting Larry Rosenman:
>
>
>>>> Nov 8 08:12:24 thebighonker exim[32310]: H=5.ctyme.com
>>>> (pascal.ctyme.com) [69.50.231.5]:35579 I=[192.147.25.65]:25
>>>> Can you get the rDNS to be more legitimate?
>>>>
>>> What's wrong with that rDNS? Is it because of the 5? That seems like
>>> a bit of an overzealous rule on your part, Larry.
>>>
>>> - Marc (not Perkel)
>>>
>> It doesn't match the host name in the HELO, doesn't match the domain name in
>> the MAIL FROM:<>.
>>
>
> I'm really reluctant to answer back for MP, but: So what? There is
> nothing saying it has to be this way. The only guarantee for the HELO
> host name is that it exists (which you can check) and belongs to the
> client host (which you cannot check, for 'check' being anything better
> than 'guess'). And if you look closely, the EHLO name resolves to just
> the client's source IP address, which is not even necessary for
> compliance, but should really be sufficient if you have such tests.
>
>
>> BUT, from my perspective, as a "junkemailfilter", the DNS should be perfect
>>
>
> I will not comment on this...
> It's an interesting issue. I use several IP addresses and sometimes I
have to switch IP addresses because I'm wringly blacklisted. So to do it
right my HELO would need to change dynamically as the IP changes. Is
there a way for the HELO to be the reverse lookup of the IP the request
is being made on?