Author: Always Learning Date: To: exim-users Subject: Re: [exim] is verify = reverse_host_lookup a good idea?
On Tue, 2011-03-01 at 22:06 +0100, Karl Fischer wrote:
> I'm using exim for many years now and over time I have developed a
> - more or less - complex set of filtering rules to prevent SPAM.
>
> One of my main assumptions is that legitimate mail servers do (should)
> have proper forward and reverse DNS records - however, that's not
> always the case.
No its not. The UK police suffered from this problem caused by the
behaviour of their contractor Cable & Wireless. That has now been
successfully solved with valid HELO names. They use Exim.
The British heath service (NHS) also issues bogus HELO names.
Unsurprisingly the contractor is again Cable & Wireless.
A small example of organisations unable or unwilling to use resolving
HELO names can be found on sys.u226.com/t21/t21.php
There are a lot of computer 'experts' who don't have a clue how to get
their mail servers' HELO names to resolve. These days even the clueless
pronounce themselves to be 'computer experts'.
Ebay, Micro$oft, Paypal, Facebook and British Telecommunications can not
always get their HELOs correct. Google does, every time.
If you are interested I'll email you my ACLs which test for
non-compliance with our 'standards'.