On 2011-10-10 12:22, Pim Zandbergen wrote:
For a couple of weeks I have been using "reject_unknown_helo_hostname" inmy "smtpd_helo_restrictions". This has helped to reject some 500 unsolicitedmail messages per day, on a total of around 1500.Unfortunately, I've had to whitelist some 10 mail servers that are misconfigured but legitimate. I tried to educate each and everyone of their admins. Only oneadmin changed their system's helo name; their system runs Postfix...All the other are Exchange servers or MailMarshal admins that keep claimingit's our problem, because everyone else accepts their mail.It would help if there were some authoritative online SMTP test server
Why ? How would that help YOU in this scenario ?The fact is that, even though RFC 5321 mandates the use of a valid hostname in EHLO, many mail server systems don't provide one.
Just stick to reject_invalid_helo_hostname to catch the more egregious offenders - or make up your own rules with a check_helo_access map:
http://www.postfix.org/postconf.5.html#check_helo_access
You can combine complex regular expressions and file- or network lookups.
--
J.
