From owner-freebsd-stable  Thu Oct 16 23:11:44 1997
Return-Path: <owner-freebsd-stable>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id XAA23128
          for stable-outgoing; Thu, 16 Oct 1997 23:11:44 -0700 (PDT)
          (envelope-from owner-freebsd-stable)
Received: from shell.futuresouth.com (shell.futuresouth.com [207.141.254.20])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id XAA23117
          for <freebsd-stable@FreeBSD.ORG>; Thu, 16 Oct 1997 23:11:41 -0700 (PDT)
          (envelope-from fullermd@futuresouth.com)
Received: from shell.futuresouth.com (mail.futuresouth.com [207.141.254.21])
	by shell.futuresouth.com (8.8.5/8.8.5) with SMTP id BAA10868;
	Fri, 17 Oct 1997 01:11:26 -0500 (CDT)
Date: Fri, 17 Oct 1997 01:11:26 -0500 (CDT)
From: "Matthew D. Fuller" <fullermd@futuresouth.com>
To: chad@dcfinc.com
cc: Don Lewis <Don.Lewis@tsc.tdk.com>, root@eyelab.psy.msu.edu,
        dkelly@hiwaay.net, freebsd-stable@FreeBSD.ORG
Subject: Re: Anti-spam sendmail in 2.2.5?
In-Reply-To: <199710170228.TAA02679@freebie.dcfinc.com>
Message-ID: <Pine.BSF.3.96.971017010844.7972B-100000@shell.futuresouth.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Thu, 16 Oct 1997, Chad R. Larson wrote:

> > On Oct 15, 10:07pm, "Chad R. Larson" wrote:
> > } Subject: Re: Anti-spam sendmail in 2.2.5?
> > 
> > } Also under consideration is insisting on a HELO during the SMTP
> > } handshake and doing a DNS lookup on that system.  If they don't match,
> > } you refuse the traffic.
> > 
> > I'm pretty sure this isn't strictly legal according to the RFCs, and it
> > will probably block some non-spam mail.  That's not to say it's not
> > effective against spam.
> > 
> > 			---  Truck
> 
> The biggest problem is the places where the name of the system as
> reported by HELO and it's name as reported by DNS can legitimately
> differ.  For example, mail that has been through a proxy server, or a
> NAT.  That's why it's "under consideration", instead of implemented.  We
> might be evaluating the lessor of two evils.
I agree wholeheartedly with this.  My system at home thinks it's one thing
(through ml.org), but it's really another thing, since I don't have a
static IP (hence, ml.org).  so my host represents itself as one thing, but
a reverse DNS query says something totally different.  Of course, this all
depends on whether we're resolving through DNS or reverse DNS; reverse DNS
would, I think, be the only good way to do this, since straight-forward
can be forged so easily it's not even funny.

But what can we do?  (throwing up of hands)

*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
|       FreeBSD; the way computers were meant to be       |
* "The only reason I'm burning my candle at both ends, is *
| that I haven't figured out how to light the middle yet."|
*    fullermd@futuresouth.com      :-}  MAtthew Fuller    *
|      http://keystone.westminster.edu/~fullermd          |
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*