
[Spamassassin Wiki] Update of "Rules/FORGED RCVD HELO" by MichaelScheidell
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Spamassassin Wiki" for change notification.

The following page has been changed by MichaelScheidell:
http://wiki.apache.org/spamassassin/Rules/FORGED_RCVD_HELO

New page:
#language en
== SpamAssassin Rule: FORGED_RCVD_HELO ==

''Standard description:'' Received: contains a forged HELO

=== Explanation ===

Every outgoing mail server SHOULD announce its FQDN (fully qualified domain name) in the first line of the SMTP session (note that only EHLO is REQUIRED to be a valid FQDN). However, many anti-spam systems at large ISPs and email providers are rejecting email sessions and email from hosts that appear to 'forge' their HELO line.

Many 'default' installations may 'forge' a HELO line of 'localhost.localdomain' or 'localhost'. A Microsoft Exchange server inside a local network may (by default) use the LOCAL name associated with the LOCAL, internal IP address, not the external name for the external IP address.

=== Further Info ===

Example:
Microsoft server at IP address 192.168.1.2; internal name is mail.local.
External (NATed, public) IP address is 204.89.240.175; external name is not.mail.spammertrap.com.

The 'received' line looks like this:
Received: from mail.local (not.mail.spammertrap.com [204.89.240.175])

To Fix:
Make sure the FQDN hostname and IP address match in both reverse and forward DNS lookups.
Then see the documentation for your OUTBOUND mail server.
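
To check your own outbound server before and after the fix, the following Python example (added here; it is not part of the wiki page and is not SpamAssassin's rule logic) parses a Received line of the form shown above and reports where the HELO name disagrees with the reverse and forward DNS data. The function `check_helo`, the finding labels and the in-memory DNS table are assumptions made for this example.

```python
import re

# Parses the "from HELO (rDNS-name [IP])" prefix of a Received header,
# the layout used in the example line above.
RECEIVED_RE = re.compile(
    r"^Received:\s+from\s+(?P<helo>\S+)\s+"
    r"\((?P<rdns>\S+)\s+\[(?P<ip>[0-9A-Fa-f.:]+)\]\)"
)
DEFAULT_NAMES = {"localhost", "localhost.localdomain"}

def check_helo(received, forward_lookup):
    """Return findings (hypothetical labels) for one Received line.

    forward_lookup maps a hostname to the set of IPs it resolves to;
    it is injected so the example runs offline.
    """
    m = RECEIVED_RE.match(received)
    if m is None:
        return ["unparsed"]
    helo = m["helo"].lower().rstrip(".")
    rdns = m["rdns"].lower().rstrip(".")
    findings = []
    if helo in DEFAULT_NAMES:
        findings.append("default-helo")        # unconfigured install
    elif "." not in helo or helo.endswith(".local"):
        findings.append("internal-helo")       # LAN name leaked outside
    if helo != rdns:
        findings.append("helo-rdns-mismatch")  # HELO differs from PTR name
    if m["ip"] not in forward_lookup(helo):
        # HELO name does not resolve back to the connecting IP
        findings.append("helo-forward-mismatch")
    return findings

# Constructed DNS table built from the names and address in the example above.
SAMPLE_DNS = {"not.mail.spammertrap.com": {"204.89.240.175"}}

def sample_lookup(name):
    return SAMPLE_DNS.get(name, set())

BEFORE = "Received: from mail.local (not.mail.spammertrap.com [204.89.240.175])"
# Constructed: the same hop after the server announces its external name.
AFTER = ("Received: from not.mail.spammertrap.com "
         "(not.mail.spammertrap.com [204.89.240.175])")

if __name__ == "__main__":
    for line in (BEFORE, AFTER):
        print(check_helo(line, sample_lookup) or "consistent", "<-", line)
```

In real use, replace `sample_lookup` with a resolver call for the A/AAAA records of the HELO name.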

The default scores for this rule can be found [http://spamassassin.apache.org/tests.html in the online list of tests].

----
CategoryRule