Um, no false positives? doesn't that mean you manually inspect all your logs of dropped connections? Doesn't, by extension, that mean you might as well let all the stuff through and check them at the client end? :-) Cheers - N

...

...

Juha Saarinen 15/06/2004 3:30:14 p.m. >>> neil gardner wrote:

http://www.cs.niu.edu/~rickert/cf/bad-ehlo.html

Decent understandable writeup of the "You should send the right info" and "Don't drop email if you get the wrong info" arguments...

... and having said all that, I admit to dropping some some messages based on HELOs. Mainly viruses and spamware connections, with no false positives yet. Touch wood. -- Juha NOTICE: This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you are hereby notified that you must not disseminate, copy or take any action in reliance on it. If you have received this message in error please notify Allied Telesyn Research Ltd immediately. Any views expressed in this message are those of the individual sender, except where the sender has the authority to issue and specifically states them to be the views of Allied Telesyn Research.