Date: Mon, 6 Mar 2017 18:12:10 +0000 From: RW <rwmaillists@googlemail.com> To: freebsd-questions@freebsd.org Subject: Re: Off topic: smtp HELO question Message-ID: <20170306181210.3bade5d9@gumby.homeunix.com> In-Reply-To: <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> References: <58BD94BD.9020405@sneakertech.com> <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 6 Mar 2017 17:15:22 +0000 Matthew Seaman wrote: > On 2017/03/06 16:56, Quartz wrote: > > By default, if you're behind a NAT, Thunderbird sends your local IP > > address as part of the 'hello' when connecting to a mail server, > > which then gets stamped into the header info for all to see as the > > email is sent down the chain. This doesn't matter. > > I'm trying to debug some email issues, and I suspect that this > > initial header might be part of my problems. I can configure > > Thunderbird to send an arbitrary string instead of a NAT IP via the > > mail.smtpserver.smtp*.hello_argument variable, but I'm not 100% sure > > what I can legitimately put here without getting my emails marked as > > spam. Does this field have to match the reverse-lookup up of the > > world-routable external IP that you send the email through, or can > > it be any arbitrary string that matches a domain name pattern? Can > > anyone point me to a resource that explains this in depth? > In particular, for the specific case of a client program like > Thunderbird talking SMTP to a server via the Submission port (587) it > is rare to find this sort of check. For mail submission you generally > identify yourself by logging into the server after switching your > connection to TLS, which provides better proof of identity than > forward and reverse DNS checks. The HELO/EHLO name thing is much > more important for MTA to MTA transmission via port 25. There is an exception to that. The RFC allows a fully qualified domain name or an IP address in square brackets. A "bare" IP address, without the backets, would be an RFC violation. SpamAssassin has rules that will punish this heavily, even on a deep received header. I don't know if its even possible, but it wouldn't be a good idea to make Thunderbird use an alternate IP address as a helo if it doesn't end-up inside brackets.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20170306181210.3bade5d9>