> what problem are you trying to solve? > the default config doesn't reject naked IPs in helo.
I descriped the reason why we have to accept such naked ips in my last mail. To the background: The inbound mailsystem for one of our customers was on heavy load around the clock. So we set helo_ and client_restrictions to some usefull values. We have to keep as close to the rfc's as possible, as mails are money in this case. But there are some systems, the most are integrated systems with dial up systems, sending mails with naked_ip in the helo. We have to accept them, but don't want to accept the whole dynamic ip range, as that would be a security risk. but as mentioned right now by some other on the list, the ip must be enclosed by [], so forget this topic =) And by the way: a permit_naked_ip_address in helo restrictions would only lead to an open relay, if the sender_restrictions are garbage, and this way, we will get an open relay anyway. We have tested this with a few different postfix versions today.
