Date: Tue, 23 Oct 2001 19:21:22 -0700 (PDT)
From: Jason Fesler <jfesler@gigo.com>
To: authd@authd.org
Bcc: Brian Freeman <brian@oopack.com>
Subject: "helo" checking and such

I was recently asked to add in checking for "helo", make sure that the
strings given there are resolvable. Looking at least at my own logs,
however, this would do nearly as much harm as good - of the 1% of the
mail that has unresolvable hostnames hitting _my_ system, half of that
mail is legit but not otherwise triggering any exceptions (and would be
blocked if I started requiring that HELO be valid).

Anyone have any logs where they think this may significantly be
helpful, but not harmful? I'd like to do some analysis on them before
I put the effort in on the code (much less, add it to a place where
people are likely to shoot their feet off and blame me for it..).

On a similar note would be the ability to check the reverse DNS on the
connecting IP. I've had about 5% of the mail sent to my system have an
unknown host name connecting. 2/3rds of that was refused for _other_
anti-spam reasons. The remaining one third, nearly all of it is either
good, or to bad usernames (and being refused by postfix for having
unknown users). All that said, if you *really* want to refuse mail
from those, just do a match for "unknown" in the hostname, at least for
postfix. Other MTAs may have a different representation.

--
Jason Fesler <jfesler@gigo.com> http://gigo.com/resume.html
"Those who give up essential liberties for temporary safety
deserve neither liberty nor safety." - Benjamin Franklin
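
The kind of log analysis the message asks for, as an added example that is not part of the original mail or the project's code: it tallies what happened to clients that Postfix logged as "unknown" so the mail a blanket reject would newly block can be counted first. The log lines are constructed samples in Postfix smtpd style, the function names are hypothetical, and keeping one outcome per IP is a simplifying assumption.

```python
import re
from collections import Counter

# Constructed sample lines in Postfix smtpd log style (not from the original mail).
SAMPLE_LOG = """\
Oct 23 19:00:01 mx postfix/smtpd[101]: connect from unknown[192.0.2.10]
Oct 23 19:00:02 mx postfix/smtpd[101]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 554 5.7.1 Service unavailable; Client host [192.0.2.10] blocked using rbl.example.net; from=<a@example.com> to=<me@example.org> proto=SMTP helo=<foo>
Oct 23 19:01:00 mx postfix/smtpd[102]: connect from unknown[192.0.2.20]
Oct 23 19:01:01 mx postfix/smtpd[102]: NOQUEUE: reject: RCPT from unknown[192.0.2.20]: 550 5.1.1 <nobody@example.org>: Recipient address rejected: User unknown in local recipient table; from=<b@example.com> to=<nobody@example.org> proto=ESMTP helo=<bar.example.com>
Oct 23 19:02:00 mx postfix/smtpd[103]: connect from unknown[192.0.2.30]
Oct 23 19:02:01 mx postfix/smtpd[103]: 4F1A2B3C4D: client=unknown[192.0.2.30]
Oct 23 19:03:00 mx postfix/smtpd[104]: connect from mail.example.net[198.51.100.5]
Oct 23 19:03:01 mx postfix/smtpd[104]: 5A6B7C8D9E: client=mail.example.net[198.51.100.5]
"""

# Match the client name field only; a bare substring search for "unknown"
# would also hit "User unknown" in the rejection text.
CLIENT = r"(?P<host>[^\[\s]+)\[(?P<ip>[^\]]+)\]"
CONNECT = re.compile(r": connect from " + CLIENT)
REJECT = re.compile(r"reject: RCPT from " + CLIENT + r": (?P<code>\d{3}) (?P<text>.*)")
ACCEPT = re.compile(r"postfix/smtpd\[\d+\]: [0-9A-F]+: client=" + CLIENT)

def classify(log_text):
    """Return (total connections, Counter of outcomes for 'unknown' clients)."""
    total = 0
    outcome = {}  # ip -> last outcome seen for that unknown-hostname client
    for line in log_text.splitlines():
        m = CONNECT.search(line)
        if m:
            total += 1
            if m["host"] == "unknown":
                outcome.setdefault(m["ip"], "no_mail_attempt")
            continue
        m = REJECT.search(line)
        if m and m["host"] == "unknown":
            bad_user = "User unknown" in m["text"]
            outcome[m["ip"]] = "unknown_user" if bad_user else "other_reject"
            continue
        m = ACCEPT.search(line)
        if m and m["host"] == "unknown":
            outcome[m["ip"]] = "accepted"
    return total, Counter(outcome.values())

def newly_blocked(counts):
    """Mail currently accepted that a blanket 'unknown' reject would refuse."""
    return counts["accepted"]

if __name__ == "__main__":
    total, counts = classify(SAMPLE_LOG)
    print(total, dict(counts), "newly blocked:", newly_blocked(counts))
```
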