Wednesday 10 May 2006 16:48 skrev Chris Blaise: > I have the spf check in my acl_smtp_mail acl. The problem is that > the spf check only occurs if the sender uses HELO to set the domain. If > they don't, the check will not happen. If I were trying to spoof and knew > some sites wouldn't check helo, I wouldn't bother sending it!
But sending HELO or EHLO (with whatever arguments) is a requirement of RFC 2821. I don't think any legitimate mailers leave it out, so I think you could dare rejecting those who do (exempting your own users of course). -- Magnus Holmgren [EMAIL PROTECTED]
pgpfVbdTgaDFj.pgp
Description: PGP signature
-- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
