Sander Holthaus - Orange XL wrote on Tuesday, June 15, 2004 4:36 PM [GMT+4=MSD]:
> This is a most excellent suggestion! It's blocking not just spam but > tons of virusses too! Any ideas on how much legitimate mail is > blocked? Unfortunately too much to be acceptable solution, at least for now in my case (middle size organization with relatively high mail traffic). During two days after turning BOFHCHECKHELO on (first several hours I just was touched looking at shrinked by several times virus and spam logs) I've got so many complaints from users whose mail from many companies was stopped that I had to turn it off again (struggle by selective switching off BOFHCHECKHELO in smptpaccess file turned out too tiresome). It was unbelievable how many SMTP servers are configured in wrong way (in most cases HELO argument isn't server's FQDN as required by RFC 2821), including, for ultimate example, main mail servers of two largest and oldest Russian ISP, Relcom and Demos. So I'd suggest to split HELO check to two or more levels, first of them would be just check that HELO arument is a valid domain name (it should be enough for rejecting majority of worms), and second - full RDNS check. To make world more RFC-compliant nice option would be sending message to the postmaster account of misconfigured server with short explanation of the problem while still accepting mail from that server. -- Alexei. ------------------------------------------------------- This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
