On Fri, 2 May 2014, Dave Lugo wrote:
> On Fri, 2 May 2014, Todd Lyons wrote:
> >> Twice from the same IP address every 10 minutes non-stop, then again
> >> from another IP address in the range 213.199.154.xxx
> >>
> >> 2014-05-02 00:12:07 H=mail-db3lp0077.outbound.protection.outlook.com
> >> (emea01-db3-obe.outbound.protection.outlook.com)
> [213.199.154.77]:43163
> >> I=[95.172.15.115]:25 rejected EHLO or HELO
> >> emea01-db3-obe.outbound.protection.outlook.com: [2B02] Rejected.
> Not
> >> identical. IP host = mail-db3lp0077.outbound.protection.outlook.com;
> >> HELO = emea01-db3-obe.outbound.protection.outlook.com
> >
> > If you're going to require that rdns and forward dns are identical,
> > you're going to have lots of issues with receiving mail from large
> > systems.
> >
>
> This isn't even that - he's requiring that HELO and rDNS are identical.
>
> I personally would not do this, but it might be ok for a hobbyist site.
> That said, checking that they are both in the same domain is useful.
>
> Dave Lugo dlugo@??? LC Unit #260 TINLC
RFC5321 says (in section 4.1.4):
An SMTP server MAY verify that the domain name argument in the EHLO command actually corresponds to the IP address of the client. However, if the verification fails, the server MUST NOT refuse to accept a message on that basis.
... and I would call it - ahem - "courageous".
Regards
Richard
