>Just very strict, but they are insisting on "best practice", which is their
>choice: But isnt complying with existing standards/rules (in this case RFC compliance) best practise? In which case the receiver is not following best practise by blocking my mail? :) I agree that it will be perfect to have the ehlo and reverse dsn lookup the same, but would it be possible that there might be some reason/situation that it is not possible to set this up...which is why rfc does not have this rule probably?....it would be very helpful if anyone knows situations in which this cannot be setup or should it always be possible to set this up..... this would be helpful for me in comparing with my own setup and deciding whether to go with the change or not. Thanks v much for your thoughts/experiences, Sandeep -----Original Message----- From: Len Conrad [mailto:[EMAIL PROTECTED] Sent: 25 November 2003 12:59 To: [EMAIL PROTECTED] Subject: Re: [IMail Forum] EHLO request doesn't match the DNS Name Lookup >INFO: R[5] Client Name DNS Lookup - ns0.myserver.com [217.xxx.xx.xxx] >INFO: R[5] EHLO - mail01.myserver.com >WARNING: R[5] Connection rejected - Deny Connection for >ns0.myserver.com [217.xxx.xx.xxx] (PTR record does not match HELO/EHLO >string) An aggressive rule bound to reject tons of badly setup legit mailservers. And to be clear, the fault here is with the badly setup mail servers, NOT with his rule. And an mail admain that whines "I can't follow best practice because whine, sniffle, bluster, blah" needs to get out of the mail business, or get ready to spend a lot of time trying to get his mail delivered. >They tell me it's because the EHLO request doesn't match the DNS Name >Lookup......... they suggest you need to set the EHLO response to be >ns0.myserver.com too. > >Please can anyone help me find out how do I change the EHLO response to >match the client dns lookup > >We have setup a ptr record to point to both domain names > >Also, would it be correct (as per RFC/SMTP standards) for our email to >be blocked because EHLO response does not match DNS lookup or is it >just a very strict rule for blocking spam. Just very strict, but they are insisting on "best practice", which is their choice: IP must have PTR domain name which an A record matching the IP. HELO domain domain must match the SMTP greeting hostname. and all 4 hostname above should be the same. Len _____________________________________________________________________ http://MenAndMice.com/DNS-training: Atlanta; Orlando; San Jose IMGate.MEIway.com: anti-spam gateway, effective on 1000's of sites, free To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
