Re: [exim] verify = helo, PTR record lookup

Top Page
This message is part of the following thread:
M--\the complete thread tree sorted by date
M-\MMarc Sherman at <-
M\MMRenaud Allard at ->
Delete this message
Reply to this message
Author: Thomas Jacob
Date:  
To: exim-users
Subject: Re: [exim] verify = helo, PTR record lookup
> > I realise that technically speaking C) doesn't conform to
> > RFC 2821, but there seems to be a relevant number of legitimate
> > MTA's out there, that sends mail using an IP with a reverse lookupable
> > PTR
> > record, that points to their HELO string, which in turn points to
> > something stupid.
> >
> > And HELO-strings are worthless for IDing the true origin of
> > an email anyway, but the PTR records of the IPs of
> > compromised systems cannot easily be manipulated by spammers,
> > but of course, they could simply do a PTR lookup of
> > the spam zombie host and use that as a HELO string.
>
> That's an argument against rejecting on verify=helo, not an argument
> against relaxing the current reverse lookup behaviour.
>
> In general, rejecting on verify=helo is a bad idea for many more reasons
> than just incorrect reverse lookups.

Precisely, that's why do not use "verify = helo" for rejecting emails,
instead
I use it to exempt MTAs with a valid helo string from some other
processing, and for that a check helo str=simple reverse lookup
would be nice thing to have.

Is there perhaps a way to achieve this using other Exim features?



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] verify = helo, PTR record lookup[exim] weird local domain name->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)