[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: EHLO question
On Tue, Dec 02, 2003 at 12:24:28AM +0200, Matti Aarnio wrote:
> On Mon, Dec 01, 2003 at 02:24:54PM -0500, Grace He wrote:
...
> There are no runtime options to go with it to turn detected
> discrepancy to a rejection. Ages ago I did consider doing
> just that, but way too many PCs gave bad hostnames even back
> then. And it isn't reliable anti-spam measure, as large part
> of spammers are able to report correct IP reversals.
Just today at work (amongst other thing we were doing), I did
check at the smtpserver logs for couple usage problems.
I found a case, where a definite spamware is running at host H,
it sends out MAIL FROM with address that is invented by picking
some joe-random localpart, and tagging last two segments of IP-
reversed hostname. Those reversers just happen to be invalid,
so they were mighty easy to reject ;-) Also, it sends precisely
correct EHLO parameter hostname, that is, IP reversed lookup
result.
The same host (most likely), when a user is running an Outlook Express
does send "EHLO myfirstname" which doesn't match up...
(For a John that would be 'EHLO john', that is.)
Go figure...
> > I am running zmailer 2.99.55 with solaris 8.
> > Thanks,
> > grace
> > -----------------------------------------------
> > Grace He - Sysadmin
> > Ryerson University - School of Computer Science
/Matti Aarnio <mea@nic.funet.fi>
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi
- Follow-Ups:
- Re: EHLO question
- From: Eugene Crosser <crosser@rol.ru> (Tue, 2 Dec 2003 18:17:04 +0200)