OOT: Mail rejected with bogus helo

Matt Kettler mkettler at evi-inc.com
Thu Apr 17 17:59:52 IST 2008

Glenn Steen wrote:

>>  Also, this thread is about using an IP as a HELO, which is NOT a malformed
>> HELO per the RFCs. Therefore it is still against the RFCs to refuse mail
>> because the HELO is an IP address.
> Are you thinking "a plain word that looks like an IP address" then?
> Cause I'm pretty sure (boy am I going to get it... Haven't reread the
> exact wording:-) that the demand is for Ip address literals, like
> Steve points out, not a domain name looking like an IP address...
> Oh well.

Erm, I'm not sure what difference you're implying exists between "a plain word 
that looks like an IP address" and an "IP address literal". I'm also not sure 
what you mean by "a domain name looking like an IP address".

The HELO string in question was "", sans quotes, which matches 
RFC2821's definition of IPv4-address-literal in section 4.1.3, which is in turn 
a sub-type of address-literal in 4.1.2. This makes it 100% valid syntactically.

Of course, exposing a non-routable IP as a HELO is obviously bogus information, 
but it is not syntactically invalid. Thus, blocking based on it is technically 
against the RFCs. However, I'd expect some sites will block this, since the 
information presented is obviously invalid.

More information about the MailScanner mailing list