[plug] Re: HELO antispam checks
Kirk Turner
kirk.turner at wagoonline.com
Tue Oct 19 08:27:40 WST 2004
On Mon, Oct 18, 2004 at 07:52:14PM +0800, Cameron Patrick wrote:
> James Devenish wrote:
>
> > > $ telnet mail.postnewspapers.com.au 25
> > > Connected to access.postnewspapers.com.au.
> > > Trying 202.72.149.28...
> > > Escape character is '^]'.
> > > 220 mail.postnewspapers.com.au ESMTP Postfix
> >
> > There you go: telnet to port 25 to find out how Exim is advertising
> > itself. Use QUIT<enter> or <esc>quit<enter> to escape from telnet.
>
> I think that Tim was asking about what it sends as the "HELO" on
> outgoing mail. (Though for all I know, this might be the same as the
> hostname in the banner it prints.)
Hmmm I'm not sure if they are the same, I had a problem with mails
getting bounced from a number of hosts I was trying to send to,
returning an error about not being a fully qualified domain name. Anyway
I found the answer by installing tcpdump on the server and setting up
the following filter and seeing what it was using as the domain name in
the HELO command.
The filter was simple:
tcpdump -w - tcp port 25
or
tcpdump -w dst 192.168.100.1
if you know of the particular ip address of the server rejecting the
emails.
Anyway the problem was that I had only 'mail' as myhostname instead of
the fully qualified domain name - which on hind sight was obvious :)
Kirk
More information about the plug
mailing list