The Underscore Archives

on 13/3/08 15:19, Edward Ross at underscore at rosstech.biz wrote:

> Good question - we have a web interface where you can manually add a
> sender to allow these mails to come through.

Problem is, for a lot of sites you've no idea where they're going to send
from until they've sent it... even the sender domain can be a bit random.

Personally, I'm firmly in favour of placing no onus on the sending party: be
that human intervention, or even something as automated as greylisting. It's
always easier to correct your own systems than try to explain to someone
else that their server is "broken".

The only thing that can cause us problems is that we do strict HELO checking
- that is, a sending server must issue a fqdn or an IP in square brackets in
the EHLO statement or I reject them. You'd be surprised who gets it wrong...
real.com, blackbox.co.uk amongst others. But it cuts out 1/3 of spam
immediately, because infected home machines almost always send their
hostname, not a fqdn.

Oliver.