Bogus HELOs
Edgar Lovecraft
*nix forums beginner


Joined: 03 Feb 2005
Posts: 44

Posted: Thu May 26, 2005 12:54 pm    Post subject: Re: Bogus HELOs

Fred Viles wrote:
Quote:

On 25 May 2005 at 14:49, Edgar Lovecraft wrote about
"Re: [exim] Bogus HELOs":

| Fred Viles wrote:
|...
| > ISTM the point, which is not aimed at you in particular, is: Please
| > don't feed the troll. No matter what bait he's using.
|
| I know exactly what the point was, and I had no argument over that,
| I did have a problem that the particular message he used, and quoted
| from** had nothing to do with the current feeding of the trolls.

Disagree. It had nothing to do with HELO, but it certainly was feeding
the G.A.W. troll.

No, it wasn't.

That is fine if you wish to disagree, but I did not respond to
ANYTHING that Greg A. Woods had said, I responded to something
that Gary Allen Vollink had said.

http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050523/msg00086.html

Quote:
That's what I meant by "no matter what bait he's
using". I can sympathize, I've been unable to resist some of his bait
in the past.

I did not take any 'bait' from G.A.W.

Quote:

...[snip]...



--

--EAL--

--



--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
Dave Lugo
*nix forums addict


Joined: 18 Feb 2005
Posts: 97

Posted: Wed May 25, 2005 6:36 pm    Post subject: Re: Bogus HELOs

On Wed, 25 May 2005, Greg A. Woods wrote:
--snip--


Please, stop the HELO argument, or take it to private email.

(me starts considering how to write an Exim filter to bit-bucket
this repetitive issue)


--
--------------------------------------------------------
Dave Lugo dlugo@etherboy.com LC Unit #260 TINLC
Have you hugged your firewall today? No spam, thanks.
--------------------------------------------------------
Are you the police? . . . . No ma'am, we're sysadmins.

Greg A. Woods
*nix forums addict


Joined: 04 Feb 2005
Posts: 91

Posted: Wed May 25, 2005 6:29 pm    Post subject: Re: Bogus HELOs

[ On Wednesday, May 25, 2005 at 13:21:08 (-0400), Randy Bush wrote: ]
Quote:
Subject: Re: [exim] Bogus HELOs

Your mailer's outbound SMTP connections will not (or "SHOULD NOT") get a
different address depending on where they're connecting to

actually, in v4 they may, and in v6 some would contend they should.

Maybe in some (broken!) IPv4 implementations they might, but not in any
of the ones I use. :-)

(remember, the statement I made above is about alias addresses on a
single interface, _not_ multi-homed addresses on multiple interfaces)



Quote:
this is all a bunch of useless smoke anyway. present some usable
fqdn in the helo and be done with it.

Come on Randy -- you of all people should know better than to give such
bogus, confusing, misleading, incorrect, and downright damaging advice.

It's this kind of bogus advice which has led to the likes of hotmail et
al thinking they can get away with doing such stupid things, now to the
extent that they've been even trying to use totally invalid top level
domains in their greeting parameter (e.g. .ice).

Look, the real rule is _really_ VERY simple, and there's really _no_
valid excuse for not following it.

The SMTP client "MUST" greet with either its proper fully qualified host
domain name (one which resolves to an A record giving its source
address), or IFF there's no such name available then it may greet with a
properly formed domain literal address that matches its source address.

There are no ifs, ands, or buts here -- and never have been.

--
Greg A. Woods

H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <woods@robohack.ca>
Planix, Inc. <woods@planix.com> Secrets of the Weird <woods@weird.com>

Edgar Lovecraft
*nix forums beginner


Joined: 03 Feb 2005
Posts: 44

Posted: Wed May 25, 2005 5:49 pm    Post subject: Re: Bogus HELOs

Fred Viles wrote:
Quote:

On 25 May 2005 at 1:22, Edgar Lovecraft wrote about
"Re: [exim] Bogus HELOs":

|...
| I did not make any comments on the HELO/EHLO hostname thing this time,
| a rarity for me I know, so send that post to those who did.

ISTM the point, which is not aimed at you in particular, is: Please
don't feed the troll. No matter what bait he's using.

I know exactly what the point was, and I had no argument over that,
I did have a problem that the particular message he used, and
quoted from** had nothing to do with the current feeding of the trolls.

As for feeding the trolls, as long as the debate continues on a path
that does not include name calling, but stays civil and rational,
what is the problem with the current discussion??

I suppose that we could just start tossing all the message threads that
have come about over the years on this topic into a web page so that
people can see a complete history =)


**absolutely nothing in the message quoted had anything to do with
the HELO debate whatsoever, and as John has noted to me personally,
he should have chosen a more relevant message to respond to ;)


--

--EAL--

--



Matt Fretwell
*nix forums Guru


Joined: 19 Feb 2005
Posts: 583

Posted: Wed May 25, 2005 3:32 pm    Post subject: Re: Bogus HELOs

Randy Bush wrote:

Quote:
this is all a bunch of useless smoke anyway. present some usable
fqdn in the helo and be done with it.

You just had to do it, didn't you. This thread will never die now :)


Matt

Randy Bush
*nix forums beginner


Joined: 23 Oct 2004
Posts: 26

Posted: Wed May 25, 2005 3:21 pm    Post subject: Re: Bogus HELOs

Quote:
Your mailer's outbound SMTP connections will not (or "SHOULD NOT") get a
different address depending on where they're connecting to

actually, in v4 they may, and in v6 some would contend they should.

this is all a bunch of useless smoke anyway. present some usable
fqdn in the helo and be done with it.

randy


Fred Viles
*nix forums Guru


Joined: 02 Feb 2005
Posts: 320

Posted: Wed May 25, 2005 1:43 pm    Post subject: Re: Bogus HELOs

On 25 May 2005 at 1:22, Edgar Lovecraft wrote about
"Re: [exim] Bogus HELOs":

|...
| I did not make any comments on the HELO/EHLO hostname thing this time,
| a rarity for me I know, so send that post to those who did.

ISTM the point, which is not aimed at you in particular, is: Please
don't feed the troll. No matter what bait he's using.

- Fred





Edgar Lovecraft
*nix forums beginner


Joined: 03 Feb 2005
Posts: 44

Posted: Wed May 25, 2005 4:22 am    Post subject: Re: Bogus HELOs

John W. Baxter wrote:
Quote:

On 5/24/05 5:19 PM, "Edgar Lovecraft" <exim-list@cox.net> wrote:
Gary Allen Vollink wrote:

..[snip]...

Valid excuse, as in - "I plugged it in and the default settings
already work?" (The mantra of the Windows admin).

NOT the mantra of the Windows admin.
IS the mantra of the "I don't care" or the "underqualified"
or the "uneducated" admin.

Do we really have to repeat the whole HELO argument every time someone
asks a simple question that happens to mention HELO or EHLO (OK, this
one wasn't so simple...it was more a should I than a how can I so the
repetition is less unjustified)?

I did not make any comments on the HELO/EHLO hostname thing this time,
a rarity for me I know, so send that post to those who did.

I made a comment on the Windows admin bashing that is way too
pervasive on most lists that deal with *nix based software, this one
in particular.

Windows admins are just like any other admin for any other system,
some are good and some are bad, and don't even start thinking that
just because a person is the admin of a *nix based system that they
are automatically better than a Windows admin, we can see that on
this list too. Besides, how many of those that do bash Windows
admins can even administer a Windows network properly and securely,
let alone, admin one better than a good Windows admin; but then again,
that is going to start a whole new round of arguments :P

--

--EAL--

--



Greg A. Woods
*nix forums addict


Joined: 04 Feb 2005
Posts: 91

Posted: Wed May 25, 2005 12:01 am    Post subject: Re: Bogus HELOs

[ On Tuesday, May 24, 2005 at 16:43:24 (-0500), Gary Allen Vollink wrote: ]
Quote:
Subject: Re: [exim] Bogus HELOs

However the last time I saw, or even heard of, a true multi-homed SMTP
gateway (that was not a gateway to a private network (*)) was about 15
years ago.

My server, inferno.inside: 192.168.2.4, is also...
x.x.177.3 (dns) (and ntp, but reverse is for dns)
x.x.177.16 (mail)
x.x.177.106 (www)
x.x.177.111 (webmail)

Given those values your machine is most certainly _NOT_ multi-homed.
Your system simply has several IP alias addresses in addition to its
primary interface address. A multi-homed host sits on multiple
independent networks.

Your mailer's outbound SMTP connections will not (or "SHOULD NOT") get a
different address depending on where they're connecting to (nor should
the available addresses be randomly assigned). No interface alias
address should ever be used as a connection source address unless the
application explicitly binds to that address, in which case the
application knows bloody well exactly what name it should use).

This machine though _is_ multi-homed, but only to two separate private
networks (where XXX.YYY.ZZZ.13 is its public IP address):

$ netstat -in
Name  Mtu    Network      Address                 Ipkts Ierrs      Opkts Oerrs Colls
pcn0  1500   <Link>       00:60:94:EE:FF:fb  1033609248    25  989218216     0     0
pcn0  1500   XXX.YYY.ZZZ  XXX.YYY.ZZZ.13     1033609248    25  989218216     0     0
fxp1  1500   <Link>       00:02:b3:EE:FF:c0    82316041     2   87116078     2     0
fxp1  1500   192.168.168  192.168.168.1        82316041     2   87116078     2     0
fxp0  1500   <Link>       00:90:27:EE:FF:13    14037196     0   10312495     0     0
fxp0  1500   192.168      192.168.0.5          14037196     0   10312495     0     0
lo0   33220  <Link>                              313776     0     313776     0     0
lo0   33220  127          127.0.0.1              313776     0     313776     0     0

However it's not a mail gateway, just a firewall and the only mail it
sends are internal system reports which are sent to a host with which it
already has a known trust relationship. :-)

--
Greg A. Woods

H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <woods@robohack.ca>
Planix, Inc. <woods@planix.com> Secrets of the Weird <woods@weird.com>

John W. Baxter
*nix forums Guru Wannabe


Joined: 12 Feb 2005
Posts: 215

Posted: Tue May 24, 2005 11:43 pm    Post subject: Re: Bogus HELOs

On 5/24/05 5:19 PM, "Edgar Lovecraft" <exim-list@cox.net> wrote:

Quote:
Gary Allen Vollink wrote:

..[snip]...

Valid excuse, as in - "I plugged it in and the default settings already
work?" (The mantra of the Windows admin).

NOT the mantra of the Windows admin.
IS the mantra of the "I don't care" or the "underqualified"
or the "uneducated" admin.

Do we really have to repeat the whole HELO argument every time someone asks
a simple question that happens to mention HELO or EHLO (OK, this one wasn't
so simple...it was more a should I than a how can I so the repetition is
less unjustified)?

--John



Edgar Lovecraft
*nix forums beginner


Joined: 03 Feb 2005
Posts: 44

Posted: Tue May 24, 2005 10:19 pm    Post subject: Re: Bogus HELOs

Gary Allen Vollink wrote:
Quote:

...[snip]...

Valid excuse, as in - "I plugged it in and the default settings already
work?" (The mantra of the Windows admin).

NOT the mantra of the Windows admin.
IS the mantra of the "I don't care" or the "underqualified"
or the "uneducated" admin.

Quote:

...[snip]...


--

--EAL--

--



Greg A. Woods
*nix forums addict


Joined: 04 Feb 2005
Posts: 91

Posted: Tue May 24, 2005 9:14 pm    Post subject: Re: Bogus HELOs

[ On Monday, May 23, 2005 at 13:34:09 (-0500), Gary Allen Vollink wrote: ]
Quote:
Subject: Re: [exim] Bogus HELOs

Who's to say my true canonical hostname is something you will ever find?

In the case where you have a multi-homed host

A multi-homed host does indeed require special support in the MTA if it
is to properly honour the requirement that it utter its true canonical
hostname when acting as an SMTP client.

However there's no magic about it -- just call getsockname() to find the
local address the outgoing connection is bound to. Indeed some MTAs
already include at least primitive support for doing this right
(including Exim, IIUC), and hacking in getsockname() and gethostbyaddr()
to find the name automatically would be trivial in most MTAs too
(including Exim).

However the last time I saw, or even heard of, a true multi-homed SMTP
gateway (that was not a gateway to a private network (*)) was about 15
years ago. :-) [[(*) presumably hosts inside a private network can
trust their own public network gateway host(s)!]]

In any case there really is no valid excuse for any MTA to utter the
wrong hostname when it greets some remote SMTP server on the public
Internet.

--
Greg A. Woods

H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <woods@robohack.ca>
Planix, Inc. <woods@planix.com> Secrets of the Weird <woods@weird.com>
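
The getsockname() lookup described in the post above, as an added C example (not part of the thread and not Exim's code): it reads the local address of the connected socket, accepts the reverse-DNS name only if it is qualified and resolves back to that same address, and otherwise falls back to a domain literal. The function names are assumptions of this example, and getnameinfo()/getaddrinfo() are used in place of the gethostbyaddr() the post mentions.

```c
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Raw address bytes inside a sockaddr (NULL if not IPv4/IPv6); *n = length. */
static const void *addr_bytes(const struct sockaddr *sa, size_t *n)
{
    *n = sa->sa_family == AF_INET ? sizeof(struct in_addr) : sizeof(struct in6_addr);
    if (sa->sa_family == AF_INET)
        return &((const struct sockaddr_in *)sa)->sin_addr;
    if (sa->sa_family == AF_INET6)
        return &((const struct sockaddr_in6 *)sa)->sin6_addr;
    return NULL;
}

/* Fallback greeting: "[192.0.2.25]" or "[IPv6:2001:db8::19]". */
int helo_domain_literal(const struct sockaddr *sa, char *out, size_t len)
{
    char ip[INET6_ADDRSTRLEN];
    size_t n;
    const void *a = addr_bytes(sa, &n);
    if (!a || !inet_ntop(sa->sa_family, a, ip, sizeof ip))
        return -1;
    int w = snprintf(out, len, "[%s%s]", sa->sa_family == AF_INET6 ? "IPv6:" : "", ip);
    return (w > 0 && (size_t)w < len) ? 0 : -1;
}

/* 1 if `name` has an A/AAAA record equal to the address in `sa`. */
static int resolves_to(const char *name, const struct sockaddr *sa)
{
    struct addrinfo hints = { .ai_family = sa->sa_family, .ai_socktype = SOCK_STREAM };
    struct addrinfo *res, *p;
    size_t n, m;
    const void *want = addr_bytes(sa, &n);
    int ok = 0;
    if (!want || getaddrinfo(name, NULL, &hints, &res) != 0)
        return 0;
    for (p = res; p && !ok; p = p->ai_next) {
        const void *got = addr_bytes(p->ai_addr, &m);
        ok = got && m == n && memcmp(got, want, n) == 0;
    }
    freeaddrinfo(res);
    return ok;
}

/* HELO/EHLO argument for connected socket fd: verified PTR name, else literal. */
int helo_name_for_socket(int fd, char *out, size_t len)
{
    struct sockaddr_storage ss;
    socklen_t sl = sizeof ss;
    const struct sockaddr *sa = (const struct sockaddr *)&ss;
    char host[1025];
    if (getsockname(fd, (struct sockaddr *)&ss, &sl) != 0)
        return -1;
    if (getnameinfo(sa, sl, host, sizeof host, NULL, 0, NI_NAMEREQD) == 0 &&
        strchr(host, '.') && strlen(host) < len && resolves_to(host, sa)) {
        strcpy(out, host);
        return 0;
    }
    return helo_domain_literal(sa, out, len);
}
```

Call helo_name_for_socket() after connect() and before sending the greeting, so the name is derived from the address the connection actually uses rather than from a configured string.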

Gary Allen Vollink
*nix forums beginner


Joined: 13 May 2005
Posts: 12

Posted: Tue May 24, 2005 7:43 pm    Post subject: Re: Bogus HELOs

Greg A. Woods wrote:

Quote:
However there's no magic about it -- just call getsockname() to find the
local address the outgoing connection is bound to. Indeed some MTAs
already include at least primitive support for doing this right
(including Exim, IIUC), and hacking in getsockname() and gethostbyaddr()
to find the name automatically would be trivial in most MTAs too
(including Exim).

But in practice, what "would be trivial" is not going to happen unless
every vendor makes it so. This would include going to each customer
site and updating FOR them.

Quote:
However the last time I saw, or even heard of, a true multi-homed SMTP
gateway (that was not a gateway to a private network (*)) was about 15
years ago.

My server, inferno.inside: 192.168.2.4, is also...

x.x.177.3 (dns) (and ntp, but reverse is for dns)
x.x.177.16 (mail)
x.x.177.106 (www)
x.x.177.111 (webmail)

which isn't to say that I don't still use mail.corvu.com in my HELO
lines (although the default setup for Exim [used to?] allow mail to go
out on any bound IP with a suitable default gateway).

driver=smtp
interface=IP_ADDRESS_HERE

Quote:
In any case there really is no valid excuse for any MTA to utter the
wrong hostname when it greets some remote SMTP server on the public
Internet.


Valid excuse, as in - "I plugged it in and the default settings already
work?" (The mantra of the Windows admin).

Also, of course, assuming Exchange servers didn't exist...

EHLO srv_exchange.domain.com

....I would agree with you. They "should", but they don't, and that
won't go away for a long, long time.

My point remains. For a business, it's impractical to expect that
everyone else has done it the same way you do. But do what you want.

David Brodbeck
*nix forums addict


Joined: 02 Mar 2005
Posts: 53

Posted: Mon May 23, 2005 5:07 pm    Post subject: RE: Bogus HELOs

Quote:
-----Original Message-----
From: Jakob Hirsch [mailto:jh@plonk.de]

I treat EHLO data as totally meaningless, so I don't care about it.
After all, I don't want to lose mail because of such a thing.

I treat it as meaningless except for SpamAssassin scoring purposes, with one
exception -- on some of the servers I manage, I will reject mail from sites
that HELO with my server's own name. This isn't very common, but anyone who
uses software that stupid deserves what they get.

Gary Allen Vollink
*nix forums beginner


Joined: 13 May 2005
Posts: 12

Posted: Mon May 23, 2005 4:34 pm    Post subject: Re: Bogus HELOs

Greg A. Woods wrote:

Quote:
So long as it gets it right, what's the problem?!?!?!??

The possibility of getting it wrong is fairly high - though I've never
seen an Email system where you can't change the 'EHLO/HELO' string.
I've also never seen a mail system where you can change it based on the
host it's talking to (read on)...

Quote:
The requirement is, and always has been, that the client greet the
server with its true, canonical, hostname. If the client has verified
its own name before uttering it to the server then there's no reason it
should allow some unskilled person to try to force it to use what might
be an invalid name.


Who's to say my true canonical hostname is something you will ever find?


In the case where you have a multi-homed host (forget about the
complexities of NATed hosts)... there may be a wide disconnect between a
machine's given canonical name, and the host's name compared to DNS
settings (and from where). A server named galileo.exim.org may also
have (the more desirable) DNS name of mail.labs.exim.org. There is also
no requirement that my outbound server be the same as my domain's (MX)
inbound mail server. So in the case where my time server,
ntp.subnet.exim.org (srv-garg.labs.exim.org), is also acting as my
outbound mail server, the reverse lookup may not match my HELO/EHLO.
Similarly, while inside the network, the same exact host may be known as
'svr-galileo.lab1.inside' - so from internal relays, its canonical name
would still 'appear' wrong when running reverse lookups.

Ignoring the HELO is safest (and suggested in the RFCs), and doing
anything else is fine for your 'home' server, but not good for a
business. That said, I would fully agree with bouncing helos that
mirror my server's name or IP.

Good luck,
Gary Allen Vollink
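
A receiver-side check for the one HELO test that David Brodbeck and Gary Allen Vollink both endorse above, rejecting a greeting that mirrors the server's own name or IP, as an added C example (not part of the thread and not Exim's code). helo_mirrors_self() and its my_names/my_ips lists are assumptions of this example; it compares host names case-insensitively and addresses by parsed value, so a bracketed literal, a bare address and an alternate IPv6 spelling all match.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <strings.h> /* strncasecmp() */
#include <sys/socket.h>

/* Parse n bytes of text as an IP address into 16 bytes (IPv4 as v4-mapped). */
static int parse_ip(const char *s, size_t n, unsigned char out[16])
{
    char tmp[INET6_ADDRSTRLEN];
    if (n >= sizeof tmp)
        return 0;
    memcpy(tmp, s, n);
    tmp[n] = '\0';
    memset(out, 0, 16);
    if (inet_pton(AF_INET, tmp, out + 12) == 1) {
        out[10] = out[11] = 0xff;
        return 1;
    }
    return inet_pton(AF_INET6, tmp, out) == 1;
}

/*
 * Return 1 if the HELO/EHLO argument claims to be this server: one of
 * my_names, or one of my_ips given bare or as a domain literal.
 * Both lists are NULL-terminated and supplied by the operator (hypothetical).
 */
int helo_mirrors_self(const char *helo, const char *const *my_names,
                      const char *const *my_ips)
{
    unsigned char claimed[16], mine[16];
    size_t n = strlen(helo);
    size_t hn = (n > 0 && helo[n - 1] == '.') ? n - 1 : n; /* drop root dot */
    const char *const *p;

    for (p = my_names; *p; p++)
        if (strlen(*p) == hn && strncasecmp(helo, *p, hn) == 0)
            return 1;

    /* Strip "[...]" and an "IPv6:" tag, then compare the parsed address. */
    if (n >= 2 && helo[0] == '[' && helo[n - 1] == ']') {
        helo++;
        n -= 2;
    }
    if (n > 5 && strncasecmp(helo, "IPv6:", 5) == 0) {
        helo += 5;
        n -= 5;
    }
    if (!parse_ip(helo, n, claimed))
        return 0;
    for (p = my_ips; *p; p++)
        if (parse_ip(*p, strlen(*p), mine) && memcmp(claimed, mine, 16) == 0)
            return 1;
    return 0;
}
```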
