The Underscore Archives

on 23/4/07 17:27, Michael Trim at Michael.trim at ibltd.com wrote:

> All our email is outsourced. I'll forward your reply to them. (Have to
> say I'm a little surprised I've never come across this before if it's so
> common).

No, most mail servers by default are very permissive of invalid HELOs. You
have to deliberately force them to reject email. But a huge percentage of
spam (around 30% of ours) has invalid HELOs, mostly because it's sent from
zombied home machines which don't have their hostname properly configured,
so the benefit of blocking it far outweighs losing the odd email from a
badly configured server.

Bear in mind, a mail server should NEVER reject email if the HELO fqdn
doesn't resolve... so for instance, "HELO mail.idontexist.com" should not be
rejected just because idontexist.com doesn't exist. But it's totally
allowable to reject syntactically incorrect HELOs.

If your outsourcing company argues, point them to sections 2.3.5 and 3.6 of
RFC 2821 (http://www.ietf.org/rfc/rfc2821.txt ).

Oliver.