On 6/1/12 1:53 PM, [email protected] wrote: > No idea here. However, as long as the "HELO" hostname is valid (and not your > host's name or "localhost" unless the connection is actually from you), it is > acceptable under the RFCs/standards. Multi-homed hosts can have mismatches > because the name given is supposed to be the "primary" name while DNS will > return the interface name (which need NOT match). > > Random thought: Both the SPF and MTX solutions to validate sending servers > could be applied to the HELO name in some way, but I suggest scoring only -- > no outright rejections at this time. See if a further trend develops.
I've noticed that the impersonations inevitably come from DHCP address pools according to ZenBL. May 27 03:25:33 mail mimedefang.pl[32097]: helo: 89.234.77.188.dynamic.jazztel.es (188.77.234.89:50758) said "helo smtp.jazztel.es" May 27 03:25:34 mail mimedefang.pl[32097]: filter_helo rejected helo smtp.jazztel.es May 27 03:25:34 mail sendmail[1719]: q4R9PSpP001719: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 27 04:34:45 mail mimedefang.pl[32097]: helo: [212.231.249.48] (212.231.249.48:1887) said "helo mail.sanmail.ru" May 27 04:34:45 mail mimedefang.pl[32097]: filter_helo rejected helo mail.sanmail.ru May 27 04:34:45 mail sendmail[2037]: q4RAYdpX002037: Milter: helo=mail.sanmail.ru, reject=554 5.7.1 This address is on ZenBL as 127.0.0.4 May 27 04:42:03 mail mimedefang.pl[32097]: helo: 9.66.218.87.dynamic.jazztel.es (87.218.66.9:3248) said "helo smtp.jazztel.es" May 27 04:42:03 mail mimedefang.pl[32097]: filter_helo rejected helo smtp.jazztel.es May 27 04:42:03 mail sendmail[2055]: q4RAfsHJ002055: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 27 08:53:35 mail mimedefang.pl[2231]: helo: [85.52.167.76] (85.52.167.76:2689) said "helo smtp.orange.es" May 27 08:53:35 mail mimedefang.pl[2231]: filter_helo tempfailed helo smtp.orange.es May 27 08:53:35 mail sendmail[2914]: q4RErTkM002914: Milter: helo=smtp.orange.e, reject=451 4.3.0 No rDNS records found; try again when you've properly configured your DNS. May 27 18:03:05 mail mimedefang.pl[3534]: helo: 68.246.76.188.dynamic.jazztel.es (188.76.246.68:50912) said "helo smtp.jazztel.es" May 27 18:03:05 mail mimedefang.pl[3534]: filter_helo rejected helo smtp.jazztel.es May 27 18:03:05 mail sendmail[4541]: q4S0305B004541: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 27 18:33:23 mail mimedefang.pl[3534]: helo: [190.219.176.232] (190.219.176.232:3182) said "helo mail.sanmail.ru" May 27 18:33:23 mail mimedefang.pl[3534]: filter_helo rejected helo mail.sanmail.ru May 27 18:33:23 mail sendmail[4640]: q4S0XHlK004640: Milter: helo=mail.sanmail.ru, reject=554 5.7.1 This address is on ZenBL as 127.0.0.4 May 27 18:37:43 mail mimedefang.pl[3534]: helo: [90.162.44.156] (90.162.44.156:4974) said "helo mail.sanmail.ru" May 27 18:37:44 mail mimedefang.pl[3534]: filter_helo rejected helo mail.sanmail.ru May 27 18:37:44 mail sendmail[4647]: q4S0bc24004647: Milter: helo=mail.sanmail.ru, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 27 18:46:55 mail mimedefang.pl[3534]: helo: [83.231.17.32] (83.231.17.32:55056) said "helo mail.sanmail.ru" May 27 18:46:55 mail mimedefang.pl[3534]: filter_helo rejected helo mail.sanmail.ru May 27 18:46:55 mail sendmail[4674]: q4S0knMB004674: Milter: helo=mail.sanmail.ru, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 27 19:34:28 mail mimedefang.pl[3534]: helo: [84.232.23.67] (84.232.23.67:3268) said "helo mail.sanmail.ru" May 27 19:34:28 mail mimedefang.pl[3534]: filter_helo rejected helo mail.sanmail.ru May 27 19:34:28 mail sendmail[4778]: q4S1YNwS004778: Milter: helo=mail.sanmail.ru, reject=554 5.7.1 This address is on ZenBL as 127.0.0.4 May 28 06:01:27 mail mimedefang.pl[6955]: helo: [85.52.167.76] (85.52.167.76:1296) said "helo smtp.orange.es" May 28 06:01:27 mail mimedefang.pl[6955]: filter_helo tempfailed helo smtp.orange.es May 28 06:01:27 mail sendmail[7002]: q4SC1LXQ007002: Milter: helo=smtp.orange.e, reject=451 4.3.0 No rDNS records found; try again when you've properly configured your DNS. May 28 09:07:08 mail mimedefang.pl[6955]: helo: 97.149.23.95.dynamic.jazztel.es (95.23.149.97:61416) said "helo smtp.jazztel.es" May 28 09:07:08 mail mimedefang.pl[6955]: filter_helo rejected helo smtp.jazztel.es May 28 09:07:08 mail sendmail[7678]: q4SF73Fg007678: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 28 11:13:36 mail mimedefang.pl[6956]: helo: 198.158.78.188.dynamic.jazztel.es (188.78.158.198:52534) said "helo smtp.jazztel.es" May 28 11:13:36 mail mimedefang.pl[6956]: filter_helo rejected helo smtp.jazztel.es May 28 11:13:36 mail sendmail[8118]: q4SHDVCR008118: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 28 21:05:09 mail mimedefang.pl[8618]: helo: 68.246.76.188.dynamic.jazztel.es (188.76.246.68:55329) said "helo smtp.jazztel.es" May 28 21:05:09 mail mimedefang.pl[8618]: filter_helo rejected helo smtp.jazztel.es May 28 21:05:09 mail sendmail[9812]: q4T353GM009812: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 28 22:11:12 mail mimedefang.pl[8618]: helo: [89.29.204.100] (89.29.204.100:49774) said "helo mail.sanmail.ru" May 28 22:11:12 mail mimedefang.pl[8618]: filter_helo rejected helo mail.sanmail.ru May 28 22:11:12 mail sendmail[9944]: q4T4B7Y6009944: Milter: helo=mail.sanmail.ru, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 29 01:13:30 mail mimedefang.pl[8920]: helo: 136.4.218.87.dynamic.jazztel.es (87.218.4.136:1969) said "helo smtp.jazztel.es" May 29 01:13:30 mail mimedefang.pl[8920]: filter_helo rejected helo smtp.jazztel.es May 29 01:13:30 mail sendmail[10504]: q4T7DLGZ010504: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 29 03:56:12 mail mimedefang.pl[10159]: helo: [90.162.44.156] (90.162.44.156:1983) said "helo mail.sanmail.ru" May 29 03:56:13 mail mimedefang.pl[10159]: filter_helo rejected helo mail.sanmail.ru May 29 03:56:13 mail sendmail[11532]: q4T9u75U011532: Milter: helo=mail.sanmail.ru, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 29 21:25:41 mail mimedefang.pl[14780]: helo: 164.21.19.95.dynamic.jazztel.es (95.19.21.164:1200) said "helo smtp.jazztel.es" May 29 21:25:41 mail mimedefang.pl[14780]: filter_helo rejected helo smtp.jazztel.es May 29 21:25:41 mail sendmail[15794]: q4U3PZXd015794: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 29 23:58:37 mail mimedefang.pl[14780]: helo: 68.246.76.188.dynamic.jazztel.es (188.76.246.68:65382) said "helo smtp.jazztel.es" May 29 23:58:37 mail mimedefang.pl[14780]: filter_helo rejected helo smtp.jazztel.es May 29 23:58:37 mail sendmail[16228]: q4U5wVU0016228: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 30 01:19:24 mail mimedefang.pl[15539]: helo: 186.46.78.188.dynamic.jazztel.es (188.78.46.186:3696) said "helo smtp.jazztel.es" May 30 01:19:24 mail mimedefang.pl[15539]: filter_helo rejected helo smtp.jazztel.es May 30 01:19:24 mail sendmail[16539]: q4U7JJCZ016539: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.4 May 30 04:22:23 mail mimedefang.pl[16569]: helo: [85.52.167.76] (85.52.167.76:3159) said "helo smtp.orange.es" May 30 04:22:23 mail mimedefang.pl[16569]: filter_helo tempfailed helo smtp.orange.es May 30 04:22:23 mail sendmail[17772]: q4UAMIxE017772: Milter: helo=smtp.orange.es, reject=451 4.3.0 No rDNS records found; try again when you've properly configured your DNS. May 30 06:44:31 mail mimedefang.pl[18111]: helo: 68.246.76.188.dynamic.jazztel.es (188.76.246.68:51478) said "helo smtp.jazztel.es" May 30 06:44:32 mail mimedefang.pl[18111]: filter_helo rejected helo smtp.jazztel.es May 30 06:44:32 mail sendmail[18346]: q4UCiQkY018346: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 30 20:08:54 mail mimedefang.pl[21005]: helo: 57.146.16.95.dynamic.jazztel.es (95.16.146.57:2053) said "helo smtp.jazztel.es" May 30 20:08:54 mail mimedefang.pl[21005]: filter_helo rejected helo smtp.jazztel.es May 30 20:08:54 mail sendmail[22265]: q4V28nPS022265: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 30 21:56:48 mail mimedefang.pl[21005]: helo: 57.146.16.95.dynamic.jazztel.es (95.16.146.57:4765) said "helo smtp.jazztel.es" May 30 21:56:48 mail mimedefang.pl[21005]: filter_helo rejected helo smtp.jazztel.es May 30 21:56:48 mail sendmail[22624]: q4V3uhDw022624: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 31 04:47:31 mail mimedefang.pl[23008]: helo: [90.163.233.145] (90.163.233.145:58049) said "helo mail.sanmail.ru" May 31 04:47:31 mail mimedefang.pl[23008]: filter_helo tempfailed helo mail.sanmail.ru May 31 04:47:31 mail sendmail[24762]: q4VAlQh4024762: Milter: helo=mail.sanmail.ru, reject=451 4.3.0 No rDNS records found; try again when you've properly configured your DNS. May 31 05:35:49 mail mimedefang.pl[23443]: helo: [84.76.193.69] (84.76.193.69:49547) said "helo mail.sanmail.ru" May 31 05:35:49 mail mimedefang.pl[23443]: filter_helo tempfailed helo mail.sanmail.ru May 31 05:35:49 mail sendmail[24991]: q4VBZiac024991: Milter: helo=mail.sanmail.ru, reject=451 4.3.0 No rDNS records found; try again when you've properly configured your DNS. May 31 07:12:56 mail mimedefang.pl[25225]: helo: 68.246.76.188.dynamic.jazztel.es (188.76.246.68:64354) said "helo smtp.jazztel.es" May 31 07:12:56 mail mimedefang.pl[25225]: filter_helo rejected helo smtp.jazztel.es May 31 07:12:56 mail sendmail[25581]: q4VDCp0o025581: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 31 07:23:36 mail mimedefang.pl[25225]: helo: 75.162.16.95.dynamic.jazztel.es (95.16.162.75:2951) said "helo smtp.jazztel.es" May 31 07:23:36 mail mimedefang.pl[25225]: filter_helo rejected helo smtp.jazztel.es May 31 07:23:36 mail sendmail[25624]: q4VDNSOu025624: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 31 10:29:42 mail mimedefang.pl[26004]: helo: [85.52.167.76] (85.52.167.76:4564) said "helo smtp.orange.es" May 31 10:29:42 mail mimedefang.pl[26004]: filter_helo tempfailed helo smtp.orange.es May 31 10:29:42 mail sendmail[26800]: q4VGTaMx026800: Milter: helo=smtp.orange.es, reject=451 4.3.0 No rDNS records found; try again when you've properly configured your DNS. May 31 11:49:21 mail mimedefang.pl[26499]: helo: [90.173.22.167] (90.173.22.167:2581) said "helo mail.sanmail.ru" May 31 11:49:21 mail mimedefang.pl[26499]: filter_helo rejected helo mail.sanmail.ru May 31 11:49:21 mail sendmail[27296]: q4VHnFKF027296: Milter: helo=mail.sanmail.ru, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 31 14:58:13 mail mimedefang.pl[27644]: helo: 215.161.79.188.dynamic.jazztel.es (188.79.161.215:49434) said "helo smtp.jazztel.es" May 31 14:58:13 mail mimedefang.pl[27644]: filter_helo rejected helo smtp.jazztel.es May 31 14:58:13 mail sendmail[28431]: q4VKw7mG028431: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 31 15:21:42 mail mimedefang.pl[27644]: helo: [90.163.125.55] (90.163.125.55:1112) said "helo mail.sanmail.ru" May 31 15:21:43 mail mimedefang.pl[27644]: filter_helo rejected helo mail.sanmail.ru May 31 15:21:43 mail sendmail[28559]: q4VLLbtf028559: Milter: helo=mail.sanmail.ru, reject=554 5.7.1 This address is on ZenBL as 127.0.0.4 May 31 20:53:40 mail mimedefang.pl[29623]: helo: 97.149.23.95.dynamic.jazztel.es (95.23.149.97:57131) said "helo smtp.jazztel.es" May 31 20:53:40 mail mimedefang.pl[29623]: filter_helo rejected helo smtp.jazztel.es May 31 20:53:40 mail sendmail[30051]: q512rZc2030051: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 31 21:04:11 mail mimedefang.pl[29623]: helo: [90.168.5.2] (90.168.5.2:4449) said "helo mail.sanmail.ru" May 31 21:04:11 mail mimedefang.pl[29623]: filter_helo rejected helo mail.sanmail.ru May 31 21:04:11 mail sendmail[30090]: q51345l0030090: Milter: helo=mail.sanmail.ru, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 May 31 23:12:05 mail mimedefang.pl[29623]: helo: 121.32.218.87.dynamic.jazztel.es (87.218.32.121:4530) said "helo smtp.jazztel.es" May 31 23:12:05 mail mimedefang.pl[29623]: filter_helo rejected helo smtp.jazztel.es May 31 23:12:05 mail sendmail[30564]: q515BuDm030564: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 Jun 1 00:22:17 mail mimedefang.pl[29623]: helo: 68.246.76.188.dynamic.jazztel.es (188.76.246.68:51031) said "helo smtp.jazztel.es" Jun 1 00:22:17 mail mimedefang.pl[29623]: filter_helo rejected helo smtp.jazztel.es Jun 1 00:22:17 mail sendmail[30830]: q516MCR3030830: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 Jun 1 07:17:56 mail mimedefang.pl[480]: helo: 57.146.16.95.dynamic.jazztel.es (95.16.146.57:3456) said "helo smtp.jazztel.es" Jun 1 07:17:56 mail mimedefang.pl[480]: filter_helo rejected helo smtp.jazztel.es Jun 1 07:17:56 mail sendmail[823]: q51DHorY000823: Milter: helo=smtp.jazztel.e, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 Jun 1 08:20:54 mail mimedefang.pl[480]: helo: 89.234.77.188.dynamic.jazztel.es (188.77.234.89:50714) said "helo smtp.jazztel.es" Jun 1 08:20:54 mail mimedefang.pl[480]: filter_helo rejected helo smtp.jazztel.es Jun 1 08:20:54 mail sendmail[1141]: q51EKmag001141: Milter: helo=smtp.jazztel.es, reject=554 5.7.1 This address is on ZenBL as 127.0.0.11 _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
