Check for helo/hostname mismatch?

1

Hi,

would a check for helo/hostname mismatch be useful, or is this nonsense?

Regards
Norbert

by Norbert Fehlauer 6 years ago
2

@Norbert Fehlauer: There is no such requirement in the RFC (i.e., that the domain name submitted in the HELO command must match the reverse name of the sender MX IP), so such a rule would definitely block many legitimate emails.

by Krisztian Fekete (Vamsoft) 6 years ago

3

Thanks for the answer Krisztian,

thought so, but ran across such an incident. ;)
http://social.technet.microsoft.com/Forums/de-DE/technetgenerelle_fragende/thread/9c01cebe-e62a-4e64-bf61-81a0f7658757#9c01cebe-e62a-4e64-bf61-81a0f7658757

dd6018 postfix/policyd-weight[23346]: decided action=550
Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to
correct HELO and DNS MX settings or to get removed from DNSBLs; MTA helo:
by2msftvsmtp03.phx.gbl, MTA hostname:
delivery.smtp.microsoft.com[207.46.22.101] (helo/hostname mismatch);

by Norbert Fehlauer 6 years ago
4

"The HELO receiver MAY verify that the HELO parameter really corresponds to the IP address of the sender. However, the receiver MUST NOT refuse to accept a message, even if the sender's HELO command fails verification."

http://www.ietf.org/rfc/rfc1123.txt (section 5.2.5)

by Krisztian Fekete (Vamsoft) 6 years ago
5

Yes, found that too. ;) http://tools.ietf.org/html/rfc2821#page-29 does not mention it at all. ;)

by Norbert Fehlauer 6 years ago
6

Yes, but you're missing ..

https://tools.ietf.org/html/rfc2821#section-3.6

Only resolvable, fully-qualified, domain names (FQDNs) are permitted
when domain names are used in SMTP. In other words, names that can
be resolved to MX RRs or A RRs (as discussed in section 5) are
permitted, as are CNAME RRs whose targets can be resolved, in turn,
to MX or A RRs. Local nicknames or unqualified names MUST NOT be
used. There are two exceptions to the rule requiring FQDNs:

- The domain name given in the EHLO command MUST BE either a primary
host name (a domain name that resolves to an A RR) or, if the host
has no name, an address literal as described in section 4.1.1.1.


and with policyd-weight: the helo/hostname mismatch FAQ says..
The client-IP and its /24 or /16 subnets are in no relation to the A/MX records of the HELO FQDN, domain and parent domains;
NEITHER A/MX records of the sender-domain or parent domains;
NEITHER does the reverse record (PTR) point to a FQDN or domain which matches the HELO FQDN or domain or parent domains nor the sender-domain or parent domains.
Or in short: no, policyd-weight does NOT block on a helo/hostname mismatch alone, but does report it as one of the most obvious issues.

- The reserved mailbox name "postmaster" may be used in a RCPT
command without domain qualification (see section 4.1.1.3) and
MUST be accepted if so used.

by Louis 3 years ago
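
The relation test described in the policyd-weight FAQ excerpt above, as an added example that is not part of the thread and not policyd-weight's own code. The DNS tables are constructed, the weights and threshold are hypothetical, and parent-domain matching ignores multi-label public suffixes.

```python
import ipaddress

# Constructed stand-ins for live DNS (documentation address ranges only).
# FORWARD: name -> addresses of its A records and of its MX hosts.
FORWARD = {"mail.example.org": ["192.0.2.10"], "example.org": ["192.0.2.20"],
           "example.net": ["198.51.100.5"]}
PTR = {"203.0.113.50": "out3.example.org", "203.0.113.9": "host9.isp.example"}

def parents(name):
    """The name plus its parent domains, stopping before the bare TLD.
    Simplification: multi-label public suffixes (co.uk) are not handled."""
    labels = name.lower().rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(max(len(labels) - 1, 1))]

def ip_related(client_ip, name):
    """Client IP shares a /24 or /16 with an A/MX address of name or a parent."""
    ip = ipaddress.ip_address(client_ip)
    return any(ip in ipaddress.ip_network(f"{addr}/{bits}", strict=False)
               for dom in parents(name)
               for addr in FORWARD.get(dom, [])
               for bits in (24, 16))

def ptr_related(client_ip, name):
    """The PTR name of the client shares a domain with name or its parents."""
    ptr = PTR.get(client_ip)
    return ptr is not None and bool(set(parents(ptr)) & set(parents(name)))

def helo_mismatch(client_ip, helo, sender_domain):
    """Mismatch only if neither HELO nor sender domain relates to the client."""
    return not any(ip_related(client_ip, n) or ptr_related(client_ip, n)
                   for n in (helo, sender_domain))

def verdict(client_ip, helo, sender_domain, dnsbl_hits=0):
    """Hypothetical weights: the mismatch adds to a score, it never rejects alone."""
    total = (1.5 if helo_mismatch(client_ip, helo, sender_domain) else 0.0)
    total += 3.0 * dnsbl_hits
    return total, ("reject" if total >= 4.0 else "accept")

if __name__ == "__main__":
    for ip in ("192.0.2.77", "203.0.113.50", "203.0.113.9"):
        print(ip, helo_mismatch(ip, "mail.example.org", "example.net"),
              verdict(ip, "mail.example.org", "example.net"))
```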
