Matus UHLAR - fantomas wrote:
On 30.11.07 06:06, Ben Spencer wrote:
Some sendmail milters due look at that banner. And perform lookups on it.
One which comes to mind is milter-spiff (SPF checks). A misconfiguration
host with misleading banner information may also contain other
misconfiguration which, while may not allow spam, may cause some MTAs to
reject the message.
they are rejecting what? are they rejecting client if HELO command does not
match reverse lookup on connecting IP? if so, that's clear violation of
RFC2822. You can score. You can reject because of other reasons (and
rejecting because someone's trying to fake your mailserver is good).
But not just because the HELO is not what the reverse lookup says.
RFCs say:
1. helo should be a fqdn.
2. you should not reject based on helo.
But if 99.999% of connections that helo with a single word are bots,
then you have a legitimate reason to reject based on helo, imo.
Ken
--
Ken Anderson
Pacific.Net
