On Fri, 22 May 2009, Aaron Wolfe wrote:
On Fri, May 22, 2009 at 9:06 AM, McDonald, Dan
<dan.mcdon...@austinenergy.com> wrote:
On Fri, 2009-05-22 at 14:14 +0200, Arvid Ephraim Picciani wrote:
- rejecting broken HELO at smtp time (such as "MUMS_XP_BOX")
We had too many false-positives when I did that. In particular,
Exchange administrators sem to be completely incapable of setting the
HELO name to something sane.
Although I would agree with that a couple years ago, in the past several
months I have been scoring very high on retarded HELO names with good
results. I think the tide is turning, more and more admins finally
getting a clue and more sites blocking or scoring highly on
misconfiguration.
They will especially get a clue if many sites reject their traffic with a
message like "your HELO should be your actual public FQDN, you moron."
(worded more politely, of course)
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Insofar as the police deter by their presence, they are very, very
good. Criminals take great pains not to commit a crime in front of
them. -- Jeffrey Snyder
-----------------------------------------------------------------------
32 days since 9th Circuit incorporated 2nd Amdt - MSM still silent
