On 4/17/2023 9:19 PM, tom--- via Postfix-users wrote:
I saw many peer MTA connecting me with this default HELO hostname:
localhost.localdomain.
is this a FQDN? is it valid?
Yes, it's FQDN and valid from a syntax standpoint.
That said, it's a strong spam indicator and should never be seen
from an external connection.
I guess the spammer thinks this will trick your server into thinking
it's local mail, or confuse someone reading logs or headers. Since
I'm not a spammer, I don't know the actual motivation for this.
You can easily reject these with a check_helo_access map.
-- Noel Jones
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
