[Samba] How "safe" is reject_unknown_helo_hostname?
L.P.H. van Belle
belle at bazuin.nl
Fri Apr 26 14:33:28 UTC 2019
Helo hostname MUST have resolvable hostname.
Crazy or not, but i use this.
The _access-allow parts for server you really trust.
smtpd_helo_required = yes
Resulting in more happy customers since after my adviced changes to there servers, they now also have less spam..
> -----Oorspronkelijk bericht-----
> Van: phils at caerllewys.net
> [mailto:owner-postfix-users at postfix.org] Namens Phil Stracchino
> Verzonden: vrijdag 26 april 2019 15:47
> Aan: postfix-users at postfix.org
> Onderwerp: Re: How "safe" is reject_unknown_helo_hostname?
> On 4/25/19 7:56 PM, Allen Coates wrote:
> > I have been looking at the configuration parameter
> > "reject_unknown_helo_hostname", with a view to using it to
> resist spam.
> > I know it is reasonably safe to reject an incoming email on
> an invalid or
> > non-fqdn HELO hostname, but *UNKNOWN?*
> > I don't receive a sufficient corpus of email to make a
> reasoned judgment.
> > Your comments would be appreciated.
> I don't see a fundamental risk in rejecting mail from servers
> claiming a
> HELO hostname that doesn't resolve. If you're already going to reject
> HELO from non-fqdn or invalid hostnames, why accept it from ones that
> don't resolve at all?
> Phil Stracchino
> Babylon Communications
> phils at caerllewys.net
> phil at co.ordinate.org
> Landline: +1.603.293.8485
> Mobile: +1.603.998.6958
More information about the samba