On 7/17/2012 10:26 AM, LittleCho wrote: > Dear all, > > I am not sure if this issue has been discussed.I am going to ask , > I found Postfix will put the string which is used as hello name in > the received header. That is, if I try to using a fake name or ip as > my hello name during a SMTP conversation, postfix will output a fake > header in the mail and deliver it.
First, remember that a helo command is basically a comment, and is always treated as such. The helo is never treated as verified, reliable information. Postfix records the helo command as given by the client in a Received: header. Although a client can give an IP as the helo name, it is still just a comment and does not override the actual client IP, which is impractical to fake. Neither postfix nor any anti-spam system will ever use a helo IP in routing decisions. > Doesn't it make the anti-spam > product being confused when parsing the mail source and doing RBL > checking? No. Helo information is well-known to be easily faked, and no anti-spam nor RBL will rely on it for whitelisting. Sometimes faked helo names can be used for blacklisting, such as if a client uses "paypal.com" as helo, but the client hostname is something like 189-68-88-213.dsl.telesp.net.br, it will be pretty obvious to most anti-spam systems that it's not really paypal. -- Noel Jones
