> > I realise that technically speaking C) doesn't conform to > > RFC 2821, but there seems to be a relevant number of legitimate > > MTA's out there, that sends mail using an IP with a reverse lookupable > > PTR > > record, that points to their HELO string, which in turn points to > > something stupid. > > > > And HELO-strings are worthless for IDing the true origin of > > an email anyway, but the PTR records of the IPs of > > compromised systems cannot easily be manipulated by spammers, > > but of course, they could simply do a PTR lookup of > > the spam zombie host and use that as a HELO string. > > That's an argument against rejecting on verify=helo, not an argument > against relaxing the current reverse lookup behaviour. > > In general, rejecting on verify=helo is a bad idea for many more reasons > than just incorrect reverse lookups.
Precisely, that's why do not use "verify = helo" for rejecting emails, instead I use it to exempt MTAs with a valid helo string from some other processing, and for that a check helo str=simple reverse lookup would be nice thing to have. Is there perhaps a way to achieve this using other Exim features? -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
