james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stefano Bagnara (JIRA)" <server-...@james.apache.org>
Subject [jira] Commented: (JAMES-463) Check for reverse on HELO/EHLO
Date Fri, 31 Mar 2006 10:58:34 GMT
    [ http://issues.apache.org/jira/browse/JAMES-463?page=comments#action_12372659 ] 

Stefano Bagnara commented on JAMES-463:

Currently we invoke directly the static method by:

We probably should add this method to DNSServer interface and access it looking up for the
service (Avalon Service).

In this way the dnsserver would be more pluggable and testable.
We could also provide a mock dnsserver to use in unittests.

The problem is that currently the DNSServer.getByName is used everywhere statically and in
some place would be difficult to get access to the ServiceManager to lookup the DNSServer.


About this specific issue I don't think it's a good idea to enable this check: many people
connect via firewalls/gateway with NAT or from networks with bad or unassigned reverse addresses:
you would reject their messages.
Furthermore, the check doesn't improve the security of the mailserver.

In fact, I never understood the need for the helo argument itself.

> Check for reverse on HELO/EHLO
> ------------------------------
>          Key: JAMES-463
>          URL: http://issues.apache.org/jira/browse/JAMES-463
>      Project: James
>         Type: New Feature
>   Components: SMTPServer
>     Reporter: Norman Maurer

> I complete a patch to support check that the provided helo is the reverse entry of the
connected mailserver. But anyone has an idea howto write a junit test for that ? Is there
a way to spoof the ip ? cause otherwise it will connect with and this will fail
cause there is no valid reverse for that.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org

View raw message