Mailing List Archive
Support open source code!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Broken HELO [was: tlug: Naive VM question]
- To: tlug@example.com
- Subject: Re: Broken HELO [was: tlug: Naive VM question]
- From: Jim Tittsler <jwt-tlug@example.com>
- Date: Wed, 29 Apr 1998 14:58:11 +0900
- Content-Type: text/plain; charset=us-ascii
- In-Reply-To: <13638.40482.511732.448901@example.com>; from Stephen J. Turnbull on Wed, Apr 29, 1998 at 12:27:30PM +0900
- Organization: Poolside Computing, Singapore
- References: <13638.32469.625844.897998@example.com> <Pine.LNX.3.96LJ1.1b7.980429105551.2122E-100000@example.com> <13638.40482.511732.448901@example.com>
- Reply-To: tlug@example.com
- Sender: owner-tlug@example.com
On Wed, Apr 29, 1998 at 12:27:30PM +0900, Stephen J. Turnbull wrote: > This particular measure is just more trouble than it's worth. It's > not that hard to parse the received headers so that you can eventually > catch the forgeries, and though it may be expensive, you can short > circuit that (in the long run, anyway) by keeping a cache of > trustworthy domains that don't forge headers and check for them in the > HELO command and TCP connection. > > Of course, I don't know of any MTAs that do that, and I don't know of > any that are modular enough to make it easy to implement. I am quite a fan of the Exim MTA. It includes support for blacklisting certain hosts or IP address ranges (including the Realtime Blocking List (http:////maps.vix.com/rbl/)). It also includes a "system filter" that allows a variety of sanity checks on the received messages before delivery (for those that you have accepted). The configuration files are human readable and quite flexible. Moving the Tokyo PC Users Group server to Exim allowed me to greatly simplify my mailing list and mail-to-news gateways... since they are now handled by a couple of 'directors' I put together, rather than a messy combination of sendmail/smail aliases and formail invocations. Each user can (optionally) also use the filter language, so I've replaced my earlier .procmailrc with a somewhat more readable (and admittedly much more verbose :-) Exim filter. The author seems quite knowledgeable and quite approachable via the support mailing list (unlike some MTA authors I might mention :-). Python fans will also recognize Philip Hazel as the author of the PCRE package. http://www.exim.org/ (And BTW, Exim also will do HELO verification, but it defaults to 'off', since as Stephen pointed out, it is contrary to the standards to reject mail merely because the HELO string appears broken. But you've got the option if you want it.) -- Jim Tittsler, PSA http://starship.skyport.net/crew/jtittsler/ --------------------------------------------------------------- Next Nomikai: 15 May Fri, 19:30 Tengu TokyoEkiMae 03-3275-3691 Next TLUG Meeting: 13 June Sat, Tokyo Station Yaesu gate 12:30 Featuring Stone and Turnbull on .rpm and .deb packages --------------------------------------------------------------- a word from the sponsor: TWICS - Japan's First Public-Access Internet System www.twics.com info@example.com Tel:03-3351-5977 Fax:03-3353-6096
- References:
- Re: tlug: Naive VM question
- From: "Stephen J. Turnbull" <turnbull@example.com>
- Re: tlug: Naive VM question
- From: Craig Oda <craigoda@example.com>
- Broken HELO [was: tlug: Naive VM question]
- From: "Stephen J. Turnbull" <turnbull@example.com>
- Re: tlug: Naive VM question
- Prev by Date: tlug: Mailing list move
- Next by Date: Re: tlug: How to fake out Pine
- Prev by thread: Re: Broken HELO [was: tlug: Naive VM question]
- Next by thread: Re: tlug: Naive VM question
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |