On 2022-08-11 at 07:56:41 UTC-0400 (Thu, 11 Aug 2022 12:56:41 +0100)
Nick Howitt <n...@howitts.co.uk>
is rumored to have said:
I can't use reject_unknown_client_hostname as I know at least one
major ISP in the UK has their mailserver announcing a ???.local or
???.lan domain.
On 11.08.22 09:23, Bill Cole wrote:
1. Ewww. That's so '90s.
2. The HELO name is not relevant to reject_unknown_client_hostname.
There is a reject_unknown_helo_hostname restriction, but I suspect it
only exists for logical completeness, as using it would be infeasible
on any machine acting as a MX.
perhaps the announcing didn't mean helo strings but PTR records of that ISPs
IP addresses
Also don't the RFC's require an FQDN as a hostname but it does not
necessarily need to be valid? Or am I thinking of something else?
The phrase "RFC's require" is fraught with potential for
misinterpretation.
The HELO/EHLO name SHOULD be a FQDN, it SHOULD be resolvable by any
machine that sees it via an A or AAAA record, and it SHOULD resolve
back top the connecting IP address. RFC821 and its successors have all
said something like that but they have also all said you MUST NOT
reject messages solely because the HELO name is wrong.
to be more precise:
You MUST NOT reject HELO string because it contains something else than you
expect (doesn't match your idea of remote host name).
you still may reject HELO string because it contains something you don't
like, like "aol.com", your own hostname, *.lan etc.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
He who laughs last thinks slowest.
