Lloyd Zusman wrote:
Bill Taroli <[EMAIL PROTECTED]> writes:
I'm just curious. Having installed 0.47 a couple of weeks ago, I was naturally enthusiastic about the SPF features, and have enabled them (with "all", so I can least gauge the impact of really making them live). But the BOFHCHECKHELO feature by itself has definitely made the DNS misconfiguration of many environments very apparent. I've found myself busy emailing fellow administrators about mail delivery issues that have resulted in more stringent checking of mail servers' identities.
Have others noticed a significant ramp in these sorts of issues with
the strict enforcement of this checking?
It took me some while and a sharp lookout for false possitives, but the situation seems quite stable now.
You don't have to mail the fellow admin, another option is to whitelist the domain. Especially yahoo and hotmail will probably not change thir hello strings for some smalltime mailservers.
I keep tweaking my custom HELO checks, but lately, they have settled down into something that approaches stability. If anyone is interested, I will post a summary of the HELO checking that I do.
I'm interested. Maybe put up a webpage?
Greets, M4
------------------------------------------------------- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
