John Hardin a écrit : > On Fri, 22 May 2009, Matus UHLAR - fantomas wrote: > >> I was mentioning cases where someone compares HELO to FQDN and rejects >> connections if they do not match. That was indicated by the message (even >> with different wording). > > Ok, agreed. If they don't match don't reject, just give that a point. >
Not as stated. let's say 192.0.2.1 has a PTR of life.example life.example has an A of 192.0.2.1 easy.example has an A of 192.0.2.1 if an MTA running on 192.0.2.1 helos as easy.example, then it's as good as any other name he could use. The fact that "life" is not "easy" is totally irrelevant. (of course, hostnames were chosen to allow for a word game, but this too is totally irrelevant :) you can only add a point if you do more checks, such as helo is in AU and sending IP is in UA, ... etc. > However, a FQDN in the HELO being unresolvable is a valid reason to > reject. but as I understand the RFCs, it could resolve to anything. an example would be an MTA behind a NAT box. (note that I am talking about the RFC requirement, not about what anyone can do with the noise he gets...) > Per RFC2821 3.6 it MUST resolve. > BTW. 2821 and 2822 were updated some time ago. use 5321 and 5322 as references now.
