Security Basics mailing list archives
Re: Mail Servers blocking BAD Helo
From: "Steven Moix - Axianet.ch" <steven.moix () axianet ch>
Date: Thu, 30 Dec 2004 19:48:52 +0100
I faced the same problem, my opinion is that you should be as RFC-close as possible on the mailservers, this avoids a lot of bad messages.
Like you said, the problem is that people often don't configure correctly some scripts to send e-mails via webpages. You should simply write a kind message to the administrator of that domain to make him aware of this problem, it's often corrected in 5 minutes and doing so you help other people at the same time.
Information for a better world ;)----- Original Message ----- From: <brandon () xcodes net>
To: <security-basics () securityfocus com> Sent: Thursday, December 30, 2004 7:55 AM Subject: Mail Servers blocking BAD Helo
Hi People, Not quite sure if this is OT but would require opinions to assist me in making decision of whether to block "BAD HELO" at SMTP level. Below is a brief desciption of the situation: My company's mail server are reciving alot of spams with non-DQDN HELO greetings during the smtp conversation. We are using 2 front-end MX servers whcih does smtp routes to the relevant POP servers. We have actually tried to implement blocking of all helo greetings that are not in FQDN format on one of the servers and the result seems to be good. However, the only problem that we faced is there other other ISP ain't using FQDN in their HELO greetings. We do have a couple of clients who are complaining that they are unable to receive mails from certain ISPs, which from our checks in the SMTP logs, the servers are using "MySMTP1" sort of HELO greetings. Now my management are asking me on this issue if we should fully implement such feature across the other MX servers or should we withdraw such feature fully from the MX servers. From my readings on the SMTP RFCs, they have indicated that SMTP servers must configure its hostname to FQDN which will be used in HELO Greetings(if im not wrong). Im also wondering if there are any other ISP using such implementation(Blocking BAD HELO greetings) on their SMTP Servers, any idea? Would welcome all opinions on this issue. Thanks Brandon
Current thread:
- Mail Servers blocking BAD Helo brandon (Dec 30)
- Re: Mail Servers blocking BAD Helo Anthony J. Cogan (Dec 30)
- Re: Mail Servers blocking BAD Helo Fernando Amatte (Dec 30)
- Re: Mail Servers blocking BAD Helo Steven Moix - Axianet.ch (Dec 30)
- <Possible follow-ups>
- RE: Mail Servers blocking BAD Helo Roger A. Grimes (Dec 31)