[Wylug-discuss] Re: SMTP standards (was Please confirm...)

James Holden wylug at jamesholden.net
Sun Mar 28 22:29:59 BST 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

gARetH baBB wrote:
| On Sun, 28 Mar 2004, Peter Corlett wrote:
|
|
|>It's not lost, it's just not being accepted. That's a subtle, but
|>important distinction.
|
|
| Nah, I reject - at the RCPT stage. Which means technically, I'm not
| actually rejecting the HELO ...

Duh, the decision to reject the mail is still based on the same set of
facts (although it wouldn't break any rules to just discard the mail).
Lots of sites are misconfigured, but try explaining that to your irate
boss when his mails get rejected. You can't 550 a P45.

Examples of sites who have broken outbound mail relays include
orange.net and blwy.co.uk (Business Link). I deal with both these
outfits quite a bit, and rejecting mail from them would be plain stupid.

| Something coming in with a HELO of my IP or my domain is obviously bogus,
| I'm not interested in what they have to offer and I haven't seen anything
| in the logs but obvious spam runs using such tactics.
|
| buggles, which isn't even the primary MX for ccl4.org, rejects loads of
| shit just through bogus HELO - there's a long run which has been going on
| for days at the moment, it must have rejected 100s of spam this week
| through that simple check alone.

And it blocked legitimate mails too. 100s of them.

| One of the past tedious Windows viruses sent an unqualified HELO (i.e. just
| the machine name), none of that got through either and that was thousands
| of the silly things.

See above.

|>The contents of RFC 821 are moot, as it is obsoleted by RFC 2821. RFC 821
|>should only be read if one is looking for a historical perspective, and
|>definitely not as a standards document.
|
|
| Quite a number of systems block on bogus HELO, including Nigel's exim
| setup which this list is on - he does actually reject at HELO.

That's "broken" too then. Nigel's exim setup also does sender
verification, which IMO is far more sensible than rejecting at the EHLO
stage. joe at company.com still exists, even if postmaster at company.com is a
clueless twerp (who's probably using MS Exchange).

"An SMTP server MAY verify that the domain name parameter in the EHLO
command actually corresponds to the IP address of the client.
However, the server MUST NOT refuse to accept a message for this
reason if the verification fails: the information about verification
failure is for logging and tracing only."

Emphasis *not* added by me.

James

- --
James Andrew Holden, Leeds, UK    (james at jamesholden dot net)
GPG Key: 1024D/8358863A    *Please encrypt mail where possible!*
Fingerprint:  32C9 A76F 3CFE A06C 1B00  5AAB 9877 4742 8358 863A
jamesholden.net ICQ: 11290827 >Buy Linux CDs from fastdiscs.com<
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFAZ0PXmHdHQoNYhjoRAk28AKDAqj9fMnJHO7yyK+JeDBKcJ1d8qACaA1jc
GpmRP6B8KEJLWvvJmiB1XIk=
=/tAt
-----END PGP SIGNATURE-----
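
Added example, not part of the original message and not any poster's actual exim configuration: a Python sketch of the three HELO checks argued over in this thread, with the EHLO-name-to-IP mismatch kept log-only as the quoted RFC 2821 text requires. The function names, labels, host names and addresses are constructed for illustration, and an inline table stands in for the DNS lookup so it runs offline.

```python
import ipaddress

# Constructed sample data (documentation address ranges): our own identity
# and a stand-in forward-DNS table used instead of a live resolver.
LOCAL_NAMES = {"mail.example.org", "example.org"}
LOCAL_IPS = {"192.0.2.10"}
SAMPLE_DNS = {"relay.example.net": {"198.51.100.7"},
              "mx.example.com": {"203.0.113.5"}}

def helo_findings(helo, client_ip, resolve=SAMPLE_DNS.get):
    """Label one HELO/EHLO argument as seen from the connecting peer's IP."""
    name = helo.strip().rstrip(".").lower()
    # Address literals arrive as [1.2.3.4] or [IPv6:...]; bare IPs also occur.
    literal = name[1:-1] if name.startswith("[") and name.endswith("]") else name
    if literal.startswith("ipv6:"):
        literal = literal[5:]
    try:
        helo_ip = str(ipaddress.ip_address(literal))
    except ValueError:
        helo_ip = None
    peer = str(ipaddress.ip_address(client_ip))
    # A remote peer announcing our own name or address.
    if peer not in LOCAL_IPS and (name in LOCAL_NAMES or helo_ip in LOCAL_IPS):
        return ["claims-local-identity"]
    if helo_ip is not None:
        return [] if helo_ip == peer else ["ip-mismatch"]
    # Bare machine name with no domain part.
    if "." not in name:
        return ["unqualified"]
    # The verification the quoted RFC text allows for logging and tracing.
    return [] if peer in (resolve(name) or set()) else ["ip-mismatch"]

def decide(findings, reject_on=("claims-local-identity", "unqualified")):
    """Local policy applied at RCPT time; ip-mismatch is only ever logged."""
    hits = [f for f in findings if f in reject_on and f != "ip-mismatch"]
    return ("reject", hits) if hits else ("accept", findings)

if __name__ == "__main__":
    # Constructed sessions: (HELO argument, connecting IP)
    for helo, ip in [("192.0.2.10", "198.51.100.7"), ("WINPC", "198.51.100.7"),
                     ("mx.example.com", "198.51.100.7"),
                     ("relay.example.net", "198.51.100.7")]:
        print(helo, ip, decide(helo_findings(helo, ip)))
```

Passing reject_on=() turns every check into a logging-only signal, which is the behaviour argued for in the message above; the default mirrors the RCPT-stage rejection described in the quoted reply.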



