Jack Olszewski said: > Yes, I've followed that thread pretty closely. But I haven't seen any > discussion of possible resolution of $helo in dns, with no regard to > $name, and an attempt to match the result with $ip. That is why I've > raised my question. > The rule I use is thus. If it does not have a resolvable hostname, then match on first 3 octets of machine or domain of hostname. Then match machine with mx of domain. (event though the mx of the domain is for accepting mail, not sending it.) Then reject... You don't get much return for this, a number of machines don't have decent dns. On many their hostname does not resolve to the domain their helo is claiming.
--luke -- Luke Computer Science System Administrator Security Administrator,College of Engineering Montana State University-Bozeman,Montana _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
