>> >> On Wed, 6 Dec 2006, Kelly Jones wrote: >> >> > Recently, someone connected our server, call it mx.xyz.com, and said >> > "HELO mx.xyz.com". Spamassassin didn't ding it for doing this. >> >> IMHO this is worthy of a 500 reject at the MTA level. There is NO >> legitimate reason for J. Random User out on the internet to claim his >> MTA is yours. >> >> I've posted milter-regex examples that do this here before. >> >> --
Hi, if you have outside users sending through your mta, you need to allow them almost any garbage in the helo string. So the helo check should be run at mail or rcpt time - users are authenticated then Wolfgang Hamann
