nanog mailing list archives

Re: RBL-type BGP service for known rogue networks?


From: Shawn McMahon <smcmahon () eiv com>
Date: Mon, 10 Jul 2000 11:38:23 -0400

On Mon, Jul 10, 2000 at 11:10:35AM -0400, Greg A. Woods wrote:

> However I should have listed the other requirement that I thought was
> self-obvious since we're talking about SMTP here.  I.e. I don't ever
> accept e-mail from anything less than the most strictly conforming SMTP
> implementations.  You're violating part one of RFC 1123 section #5.2.5.
> The name given by your SMTP server in the HELO "MUST" be a canonical
> hostname.  It must not be a CNAME.

Oh, you wanna go there?

5.2.5  HELO Command: RFC-821 Section 3.5
 
         The sender-SMTP MUST ensure that the <domain> parameter in a
         HELO command is a valid principal host domain name for the
         client host.  As a result, the receiver-SMTP will not have to
         perform MX resolution on this name in order to validate the
         HELO parameter.
 
         The HELO receiver MAY verify that the HELO parameter really
         corresponds to the IP address of the sender.  However, the
         receiver MUST NOT refuse to accept a message, even if the
         sender's HELO command fails verification.



Hmm. MUST NOT refuse.  Who's violating the RFC here, again?


*ANYBODY* using sendmail from a dynamic IP is either going to do this, or
worse.  RFC 1123 requires you to live with it.

If you choose not to, don't wave the damn RFC around like a magic shield.

CNAMEs are "valid principal host domain name[s]".  Nothing in the RFC
says it can't be a CNAME, but something in the RFC says you have to accept
it even if it's flat-out wrong or a lie.

Your thin ice just cracked, Greg.  Admit you're wrong and get on with your
life.


You're not running an RFC 1123-compliant mail setup at present.
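
The receiver behaviour in the RFC 1123 section 5.2.5 text quoted in this message (verify the HELO parameter if you like, but do not refuse the message when verification fails), as an added example that is not part of the original post. The in-memory DNS table, the host names and addresses, the `check_helo` and `resolve` helpers and the `helo-check=` trace annotation are all constructed for illustration.

```python
import ipaddress

# Constructed DNS data for the example (documentation names and addresses only).
ZONE = {
    "mail.example.net": ("CNAME", "dyn-17.isp.example"),
    "dyn-17.isp.example": ("A", ["192.0.2.17"]),
    "relay.example.org": ("A", ["198.51.100.5"]),
}

def resolve(name, zone, max_chain=8):
    """Follow CNAMEs to address records. Returns (addresses, via_cname)."""
    name = name.rstrip(".").lower()
    via_cname = False
    for _ in range(max_chain):
        record = zone.get(name)
        if record is None:
            return [], via_cname
        kind, data = record
        if kind == "A":
            return data, via_cname
        via_cname = True
        name = data.rstrip(".").lower()
    return [], via_cname  # chain too long or looping: treat as unresolvable

def check_helo(helo_arg, peer_ip, zone=ZONE):
    """Verify the HELO parameter against the peer address, but never refuse."""
    peer = ipaddress.ip_address(peer_ip)
    addrs, via_cname = resolve(helo_arg, zone)
    if not addrs:
        result = "unresolvable"
    elif any(ipaddress.ip_address(a) == peer for a in addrs):
        result = "match"
    else:
        result = "mismatch"
    # The outcome is recorded for logging or scoring; the SMTP reply is 250 regardless.
    trace = f"Received: from {helo_arg} ([{peer_ip}]) (helo-check={result})"
    return {"reply_code": 250, "result": result, "via_cname": via_cname, "trace": trace}

if __name__ == "__main__":
    for helo, ip in [("mail.example.net", "192.0.2.17"),
                     ("relay.example.org", "203.0.113.9"),
                     ("no-such-host.invalid", "203.0.113.9")]:
        print(check_helo(helo, ip))
```
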
