On Thu, 24 Nov 2011 15:31:59 -0500 Michael Scheidell <michael.scheid...@secnap.com> wrote:
> I wonder what the rfc's say about helo line not matching dns: > Received: from mail.apache.org (hermes.apache.org > [140.211.11.3]) RFC 5321 strongly hints that that is no reason to reject mail. An SMTP server MAY verify that the domain name argument in the EHLO command actually corresponds to the IP address of the client. However, if the verification fails, the server MUST NOT refuse to accept a message on that basis. This doesn't exactly cover your situation... in your situation, the machine calls itself mail.apache.org but 140.211.11.3 reverse-resolves to hermes.apache.org. mail.apache.org, however, resolves to 140.211.11.3. So I would say rejecting mail because of this type of mismatch is against the spirit of the RFC. Regards, David.
