Re: [exim] Frankenstein exim.conf

Top Page
Delete this message
Reply to this message
Author: ROGERS Richard M
Date:  
To: 'exim-users@exim.org'
Subject: Re: [exim] Frankenstein exim.conf
On Fri, 2 May 2014, Dave Lugo wrote:
> On Fri, 2 May 2014, Todd Lyons wrote:
> >> Twice from the same IP address every 10 minutes non-stop, then again
> >> from another IP address in the range 213.199.154.xxx
> >>
> >> 2014-05-02 00:12:07 H=mail-db3lp0077.outbound.protection.outlook.com
> >> (emea01-db3-obe.outbound.protection.outlook.com)
> [213.199.154.77]:43163
> >> I=[95.172.15.115]:25 rejected EHLO or HELO
> >> emea01-db3-obe.outbound.protection.outlook.com: [2B02] Rejected.
> Not
> >> identical. IP host = mail-db3lp0077.outbound.protection.outlook.com;
> >> HELO = emea01-db3-obe.outbound.protection.outlook.com
> >
> > If you're going to require that rdns and forward dns are identical,
> > you're going to have lots of issues with receiving mail from large
> > systems.
> >
>
> This isn't even that - he's requiring that HELO and rDNS are identical.
>
> I personally would not do this, but it might be ok for a hobbyist site.
> That said, checking that they are both in the same domain is useful.
>
> Dave Lugo   dlugo@???    LC Unit #260   TINLC



RFC5321 says (in section 4.1.4):
An SMTP server MAY verify that the domain name argument in the EHLO command actually corresponds to the IP address of the client. However, if the verification fails, the server MUST NOT refuse to accept a message on that basis.

... and I would call it - ahem - "courageous".

Regards

Richard