At 12:25 25/06/03 -0500, Bob Apthorpe wrote:
Some caveats: 1) Bogus Received headers are common but always occur below the last legitimate header (once you find one bogus one the rest are probably junk too), 2) envelope sender (helo_name) is often forged,
Just being pedantic here, but the helo name is not related in any way to the envelope sender.
The HELO or EHLO commands are supposed to be used to identify the name of the mail server making the connection, but is essentially meaningless these days and is just a vestige of a time long forgotten when everyone played nice and gave valid information. Think of it as the SMTP equivilent of an appendix :)
The envelope sender is provied in the MAIL FROM: exchange that happens after the HELO/EHLO exchange. Indeed, _both_ are usually forged by spammers....
Regards, Simon
Let's not discount the value of HELO/EHLO or the appendix just yet. The biggest danger of a bad appendix it the amount of bacteria contained therein. Yet, without this bacteria, we have problems recovering water from the digested food. Certain of the bacteria may also help digest meat (aaahh--flesh eating bacteria!).
We _can_ function without it. It _may_ be vestigal. But, when it is there and working properly, it helps it meat.
I'm talking about the appendix.
A correct HELO/EHLO helps us troubleshoot mail or mailers gone astray.
Is it time to go home yet?
------------------------------------------------------- This SF.Net email is sponsored by: INetU Attention Web Developers & Consultants: Become An INetU Hosting Partner. Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
