[nylug-talk] Weird message-id in email [ot]
Henning Follmann
hfollmann at itcfollmann.com
Wed Feb 27 14:11:57 EST 2008
On Wed, Feb 27, 2008 at 12:39:38PM -0500, Chris Knadle wrote:
> More info and combined replies below.
>
> On Wednesday 27 February 2008, Chris Knadle wrote:
> > On Wednesday 27 February 2008, jh wrote:
> > > - Wouldn't there be a received: header that would show that he's using
> > > their smtp server? Note that all of the ip's in the header resolve to
> > > comcast.
> >
> > The email likely originated from a Comcast cable modem, so scratch what
> > I said first about the improper HELO, since this wouldn't be something your
> > MTA would have seen.
>
>
> I think I've probably confused a bunch of people so I'll give this a tad
> more detail. The originating sender sent an improper HELO -- a HELO needs to
> be a FQDN or an IP address in brackets, of which neither was used. However
> the Comcast MTA likely accepted the message anyway because the IP address it
> was sent from was within a Comcast IP block, giving the message priority over
> the any rules to reject via improper HELO.
> The HELO greeting used to connect to the final MTA was proper, so as far as
> jh's MTA is concerned, the message is kosher.
>
>
To make it clear the RFC does NOT require that the HELO is ANYTHING ELSE
than a string. It can be anything.
It is good practice to set it to the FQDN of your MX record, and a lot
of server check that and refuse if they do not match up.
I actually recomment against this check, because there are still too
many misconfigured server out there.
Henning
--
Henning Follmann | hfollmann at itcfollmann.com
it consultant | www.itcfollmann.com
More information about the nylug-talk
mailing list