On Jun 9, 2015, at 12:29 PM, John Hardin <jhar...@impsec.org> wrote: > (2) Check the HELO the other guy sends and reject if it's not a FQDN (i.e. > it's not got any periods at all). This probably shouldn't be done on mail > originating locally, but for mail coming in from the Internet the other MTA > should always be sending a FQDN in the HELO. A non-FQDN HELO is a pretty good > sign of a spambot sending from a compromised workstation or PC directly to > your MTA.
Do you have a sendmail line (or lines) that we can pretty much copy/paste to implement this, for those of us who are not total sendmail experts and too lazy (or busy, or incompetent) to Google something like this? =) I'm not sure whether or not I have enabled requiring valid rDNS... given how many legitimate mailservers out there don't have proper rDNS, I'm hesitant to turn that into a poison pill at the sendmail level. (Even my own $DAYJOB company failed to have rDNS on their mailservers until I showed them bounces from some strict recipient MTAs...) Cheers. -- Amir
