Dave,
You have a few valid points, and the rule may be misnamed with
HELO at its prefix; But look at some email coming from the free services
like Yahoo!, Hotmail or Gmail and you will see HTTP (as well as other
protocols; Hotmail/MSN also uses both of the MS proprietary protocols "DAV"
and "SMTPSVC"). I also have copies of some messages from "mindspring.com"
(re. Earthlink), "gmx.com" and "mail.ru" where the initial hop was HTTP and
these are "ham". In addition, I also have *lots* of saved spam from "mail.ru"
where the transfer initially was HTTP.
The name "HELO_xxx" may be bad, but the rule is good. The problems
lie with IMP and its attempts to "create/forge" an initial header. Of course,
an "easy" work around is to simply "unmark" the next hop as trusted, then the
message will look like any message forwarded trough a legitimate commercial
"free" system or from a dynamic/dial-up user to his ISP's web interface and
your "problem" will disappear. Personally, I don't even mark my "back-up"
'MX's as trusted, and have never seen a problem with this (though some extra
computation and DNS lookups are performed as a result).
I can't see any possible reason why blanca.unet.brandeis.edu is a
trusted host for server.home.jay.fm; But I can see many reasons why it should
not be.
Also, by including the original post, you have done us all a service.
I see leakage of the literal 127.0.0.1 and evidence of a misconfigured DNS or
hosts file - i.e. the resolution of 127.0.0.1 to localhost.localdomain: While
the hostname "localhost" is part of several standards, the ".localdomain" part
is intended as an example only, is not legal and shows that there *do* exist
other administrative problems in his environment.
Simply, if you intend to setup a web mail interface, you need to "fix"
the other problems too (and probably first, before complaining about a bug).
Paul Shupak
[EMAIL PROTECTED]
