From: Adam Levin (no email)
Date: Wed May 01 2002 - 12:00:34 EDT
On Wed, 1 May 2002, Vivek Khera wrote:
> I use it to great effect. Please identify the "large provider" who
> can't follow RFC's. I've not yet run into one that gets the HELO
> wrong.
We have caught HELO problems from comcast.net primarily:
May 1 08:17:21 washington.hq.audible.com postfix/smtpd[18381]: [ID 197553
mail.info] reject: RCPT from smtp.comcast.net[24.153.64.2]: 504
<mtaout05>: Helo command rejected: need fully-qualified hostname; from=<>
to=<>
May 1 08:23:50 washington.hq.audible.com postfix/smtpd[18381]: [ID 197553
mail.info] reject: RCPT from smtp.comcast.net[24.153.64.2]: 504
<mtaout02>:
Helo command rejected: need fully-qualified hostname; from=<>
to=<>
And this was an interesting one (it was to our CEO, which is why it gets
high priority):
May 1 08:37:37 washington.hq.audible.com postfix/smtpd[20905]: [ID 197553
mail.info] reject: RCPT from
bgp01547496bgs.anapol01.md.comcast.net[68.49.8.139]: 504
<JAME_COFRAN>: Helo command rejected: need fully-qualified hostname;
from=<> to=<>
Note the return address: . The client, though, was a
comcast.net box. Note the HELO: JAME_COFRAN (jxc?). I'm guessing it's
his own box in this case that he's sending mail through, and he
misconfigured it.
> I scan my reject logs every day for such things and have only had two
> ligitimate mails blocked this way in over a year, and I get *tons* of
> email. Both of these were from fools running WinNT servers without
> even any configuration to make them secure...
We had two valid rejects yesterday out of 63 rejects based on this
restriction. I'd love to leave it in, but the mucky-mucks are getting
antsy.
-Adam
Adam Levin, Senior Unix Systems Administrator | http://www.audible.com/
Audible, Inc.
Wayne, NJ, 07470 There's someone in my head, but it's not me.
973-837-2797
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
|
|
|