On 14 Sep 2020, at 11:22, John Hardin wrote:
On Mon, 14 Sep 2020, Philipp Ewald wrote:
Does anyone else checks the HELO/ELHO?
I don't check for FCrDNS explicitly, but I do reject non-FQDN HELO
strings (e.g. no dots present) from the Internet. That catches a
surprising percentage of garbage up front.
Is that after passing a greeting delay?
I get a fair stream of no-dot EHLO/HELO names, but nearly all of it is
caught by postscreen as the introduction being offered before the
greeting banner has been fully sent. Just 11 instances of just 2 unique
IPs giving an unqualified name after waiting for the banner in recent
weeks, vs 12k fast-talkers.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not For Hire (currently)
