[Cialug] MTA HELO
Kevin Smith
kevin at linuxsmith.com
Sun Jan 12 22:25:48 CST 2014
For those interested in this story. Their network administrator sent me a
list of 4 IPs I should Whitelist. Okay, but the IP I'm rejecting mail from
is IP he did not included in the list. And it's only an issue with mail
from that single IP. It's getting a bit odd.
On Jan 12, 2014 4:05 PM, "Kevin Smith" <kevin at linuxsmith.com> wrote:
> Just so it's clear. A lookup of any kind doesn't happen. It's just checks
> syntax.
>
> Relevant Postix settings:
> reject_non_fqdn_helo_hostname (with Postfix < 2.3:
> reject_non_fqdn_hostname)
> Reject the request when the HELO or EHLO hostname is not in
> fully-qualified domain or address literal form, as required by the RFC.
> mail.whatever.foo would actually pass.
> "whatever" would fail.
> [123.123.123.12] would pass as well I think, until it reached below...
>
> reject_invalid_helo_hostname (with Postfix < 2.3: reject_invalid_hostname)
> Reject the request when the HELO or EHLO hostname is malformed.
> [123.123.123.12] would fail.
> "mail/whatever.foo" would fail.
> etc...
>
> The following would do a DNS lookup, but it wouldn't be compliant with RFC
> to reject based on that, so it's rarely used and neither do I.
>
> reject_unknown_helo_hostname (with Postfix < 2.3: reject_unknown_hostname)
> Reject the request when the HELO or EHLO hostname has no DNS A or MX
> record.
>
>
> On Sun, Jan 12, 2014 at 1:28 PM, Paul Gray <gray at cs.uni.edu> wrote:
>
>> On 01/12/2014 01:25 PM, Kevin Smith wrote:
>> > Again it's not a DNS issue.
>>
>> Completely disagree. If the host in the HELO was resolvable, you'd have
>> no problem.
>>
>> -PG
>>
>>
>> _______________________________________________
>> Cialug mailing list
>> Cialug at cialug.org
>> http://cialug.org/mailman/listinfo/cialug
>>
>
>
More information about the Cialug
mailing list