Am 13.09.2014 um 15:10 schrieb LuKreme: > On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote: >> Am 12.09.2014 um 21:49 schrieb Philip Prindeville: >>>> However, any time I connect via telnet to this server and specify >>>> *any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions >>>> won't trigger. >>> This is both legal and reasonable. >> >> it maybe true but it is *not* reasonable > > What do you base that on?
you stripped that part from my quote because it is *easy* to do it right if someone is not able to determine his public hostname and IP he better don't setup a MTA the same way as your internel PTR and A record don't count in the internet your internal hostname also is not relevant - set the HELO name to the public one matching the public DNS redcords and if you don't know where to do so don't setup a public mailserver > What problem are you having that you are trying to solve? have you ever seen a non-spam connection on a inbound MX with such a HELO - yes it happens 1 out of 100000 and only because people continue to tell it is reasonable instead block such connections
