--- On Fri, 6/1/12, Philip Prindeville <[email protected]> wrote:
> I've noticed that the following hosts are impersonated (in HELO
> greetings) significantly more often than any others:
> 
> smtp.comunitel.net
> smtp.orange.es
> smtp.jazztel.es
> 
> Anyone know why? And these are all in Spain, in particular.
> Do Spaniards lack imagination or what? A distant fourth would be:
> 
> mail.sanmail.ru

No idea here.  However, as long as the "HELO" hostname is valid (and not your 
host's name or "localhost" unless the connection is actually from you), it is 
acceptable under the RFCs/standards.  Multi-homed hosts can have mismatches 
because the name given is supposed to be the "primary" name while DNS will 
return the interface name (which need NOT match).

Random thought:  Both the SPF and MTX solutions to validate sending servers 
could be applied to the HELO name in some way, but I suggest scoring only -- no 
outright rejections at this time.  See if a further trend develops.
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
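
The scoring-only approach suggested in the reply above, as an added example (not part of the original message and not MIMEDefang code). The `score_helo` function, the weights, the injected resolver and the sample DNS data are assumptions constructed for illustration; the SPF result for the HELO identity is taken as an input rather than computed.

```python
import ipaddress
import re

# Hypothetical weights (assumptions, not from the thread); scores only, never a reject.
W_FORGED_LOCAL, W_SPF_FAIL, W_INVALID, W_NO_DNS, W_MISMATCH = 4.0, 3.0, 2.0, 1.5, 0.5

_LABEL = r"(?!-)[a-z0-9-]{1,63}(?<!-)"
FQDN = re.compile(rf"{_LABEL}(\.{_LABEL})+")

# Constructed sample data: documentation-range addresses and example.* names.
MY_NAMES = {"mail.example.com"}
LOCAL_NETS = ["127.0.0.0/8", "10.0.0.0/8"]
CONSTRUCTED_DNS = {
    "smtp.example.es": {"198.51.100.25"},
    "mx.example.org": {"192.0.2.10", "192.0.2.11"},
}

def lookup(name):
    """Stand-in for a forward DNS lookup so the example runs offline."""
    return CONSTRUCTED_DNS.get(name, set())

def is_local_client(client_ip, local_nets):
    ip = ipaddress.ip_address(client_ip)
    return any(ip in ipaddress.ip_network(n) for n in local_nets)

def score_helo(helo, client_ip, my_names, local_nets, resolve, spf_helo=None):
    """Return (score, reasons); spf_helo is an SPF result for the HELO name, if known."""
    name = helo.strip().rstrip(".").lower()
    reasons = []
    if name in my_names or name == "localhost":
        # Our own name or "localhost" is only plausible from our own networks.
        if not is_local_client(client_ip, local_nets):
            reasons.append(("forged-local-name", W_FORGED_LOCAL))
    elif name.startswith("[") and name.endswith("]"):
        pass  # address literal: left unscored in this narrowed example
    elif not FQDN.fullmatch(name):
        reasons.append(("not-a-valid-fqdn", W_INVALID))
    else:
        addrs = resolve(name)
        if not addrs:
            reasons.append(("helo-does-not-resolve", W_NO_DNS))
        elif client_ip not in addrs:
            # Multi-homed hosts can legitimately mismatch, so this weighs little.
            reasons.append(("helo-ip-mismatch", W_MISMATCH))
        if spf_helo == "fail":
            reasons.append(("spf-helo-fail", W_SPF_FAIL))
    return sum(w for _, w in reasons), reasons
```

The returned score is meant to be added to a message's overall spam score, so a single mismatch never blocks mail on its own.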
