Charles Cazabon <[EMAIL PROTECTED]> writes:
> John Conover <[EMAIL PROTECTED]> wrote:
> > As a matter of policy, is it reasonable to reject messages that fail a
> > reverse DNS lookup on HELO's FQDN/authentication?
>
> Very political question. As long as you don't reject envelope senders of
> <> and <#@[]>, you won't be violating any RFCs.
It would be a violation of RFC 1123, which states:
5.2.5 HELO Command: RFC-821 Section 3.5
The sender-SMTP MUST ensure that the <domain> parameter in a
HELO command is a valid principal host domain name for the
client host. As a result, the receiver-SMTP will not have to
perform MX resolution on this name in order to validate the
HELO parameter.
The HELO receiver MAY verify that the HELO parameter really
corresponds to the IP address of the sender. However, the
receiver MUST NOT refuse to accept a message, even if the
sender's HELO command fails verification.
It's still OK to deny a non-syntactically-correct HELO, though.
--
"I live in the heart of the machine. We are one."
