Greylisting...

mikea mikea at mikea.ath.cx
Mon Sep 25 22:50:16 IST 2006 

On Mon, Sep 25, 2006 at 11:14:25PM +0200, Glenn Steen wrote:
> On 25/09/06, John Rudd <jrudd at ucsc.edu> wrote:
> > Glenn Steen wrote:
> >
> > > Just a small observation: I see that you (IMO rightly) reject the
> > > domain literal (MX IP address) too... This _technically_ breaks RFC
> > > compliance.
> >
> > There was just a discussion about this over on the mimedefang mailing list.
> >
> > What the RFC (2821?) prohibits is rejection based on the HELO/EHLO given
> > hostname not resolving to the IP address of the submitter.
> >
> > You can reject for other reasons.  Like they gave you your own domain
> > name.  Or your own IP address.  That's rejecting for a different reason
> > than "the IP address and Hostname don't match".  As long as the reason
> > isn't literally "I looked up the name they gave me in the Helo, and it
> > didn't resolve to the IP address I'm talking to".
> >
> > Them giving you your own hostname, of course, is logically the same as
> > them giving you a hostname that doesn't match their IP address, but your
> > reason for rejecting it is "it's _MY_ hostname", so that doesn't violate
> > the RFC prohibition.
> >
> Yes, that is exactly why it is a good idea. Either a case of bad
> memory on my part then, or simply a case of 2821 superseding some
> other rfc that I have this dim recollection of:-).

A box HELOing as, say, 192.149.244.25 is not HELOing with a valid
domain literal; that would be [192.149.244.25] _with_ the []. The HELO
string 192.149.244.25 is a HELO as a machine in the bogus top-level
domain "25", and I'll reject that out of hand without any compunction
or regret.

(Sorry, Julian, that we're dealing with so much that is at best
peripherally related to MailScanner. Maybe someone needs to host
a parallel list for MTA configurations as used with MailScanner?
Or folks could subscribe to the MTA-related lists and/or watch the
comp.mail.sendmail and other MTA-related newsgroups. I admit that
those lists and groups are populated in part by folks who have some
animus for those whose expertise is, like mine, minimal, and that
there frequently is more heat than light there, but Good Things also
are to be found there.)

-- 
Mike Andrews, W5EGO
mikea at mikea.ath.cx
Tired old sysadmin

More information about the MailScanner mailing list