Matus UHLAR - fantomas writes:
>> if BOFHCHECKHELO really does what it's documented to do, and what >> indicates this message, then you should not use it, since it violates RFC >> 821 and all its successors. It may cause troubles to you (well, it just >> did...)On 28.11.14 22:09, Marcin 'Rambo' Roguski wrote:>Actually, it also slashed about 30% of incoming spam, and I didn't notice any>illogical behaviour of my courier when analyzing the logs. I noted that it is an RFC violation: you MUST NOT refuse connection because HELO string does not match reverse DNS. such a thing may happen in case of IP or DNS change, even for hammy senders. ...you may reject the connection because of different HELO issue.
I'll confirm that a HELO check blocks a lot of junk.The default settings do not enable SPF checking at all; so the default configuration does not check the HELO.
But, if someone wants to do that, this setting is available; and, since it's their server, and if they wish to ignore the requirement to not validate the HELO, it's their prerogative to do so.
At some point, I suppose that the junk senders will wise up and will prudently set up their spam spewers, and at that point this check will lose its usefulness. But, until that happens, this is very useful.
pgpmRG_QF0uhu.pgp
Description: PGP signature
------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
