On 10 November 2011 18:45, Steve Fatula <compconsult...@yahoo.com> wrote: > This check says that the RFC requires a fully qualified hostname for HELO. > Most internet searches show this to be a "safe" check that shouldn't really > kill any real mail. Lately, noticed no ebay mail was coming through, looked > through the logs and see entires like: > Nov 9 20:30:58 host2 postfix/smtpd[16167]: NOQUEUE: reject: RCPT from > mxpool19.ebay.com[66.135.197.25]: 504 5.5.2 <mx88>: Helo command rejected: > need fully-qualified hostname; from=<e...@ebay.com> to=<m...@hiddendomain.com> > proto=ESMTP helo=<mx88> > > mx88 is of course not a FQDN. So, it was correctly rejected per the setting. > Obviously, I can try and whitelist all the ebay servers, but, it's a slight > pain. Could be a moving target, etc. This would allow me to keep the > setting, but.... > Since this did block mail from a rather well known common mailer, I am > starting to wonder how safe this check really is. Perhaps it's not so safe. > Yes, that is a configuration error on ebays part, but, I don't think you > really want to block ebay mail. > Are you finding this is not as safe a check as it should be, since > presumably the RFC requires it, still, people make mistakes? Is it really of > much use these days anyway for blocking spam?
This check alone is responsible for blocking up to 85% of the spam attempts on our system. Verify that the HELO is not localhost, mydomain.tld or ip.add.re.ss takes care of another 5% and rejecting invalid destinations takes care of the rest. Amavis ends up finding less than 1% of what makes it through that and that in itself is 1% of the total attempts. Write them a note with the RFC I say. Standards are no good if you let yours slip because it's Ebay. or Google. or InsetBrandnamehere. Simon
