On Sun 27/Sep/2020 20:11:39 +0200 Simon Hobson wrote:
> Alessandro Vesely via Dng <dng@???> wrote:
> [...]
>> And it is key to get an IP address without poorly reputed neighbors —check talosintelligence.com.
>
> I have no choice over the neighbours!

Don't buy overly cheap connections...

>>> I also use lack of rDNS as a check. I also check it for obvious misconfigurations like (from memory) : it's an IP literal (not allowed by RFC),
>>
>> Currently, the RFC allows anything in the HELO name.
>
> Without looking it up, I'm sure there are some constraints.

   The SMTP client MUST, if possible, ensure that the domain parameter
   to the EHLO command is a primary host name as specified for this
   command in Section 2.3.5.  If this is not possible (e.g., when the
   client's address is dynamically assigned and the client does not have
   an obvious name), an address literal SHOULD be substituted for the
   domain name.

   An SMTP server MAY verify that the domain name argument in the EHLO
   command actually corresponds to the IP address of the client.
   However, if the verification fails, the server MUST NOT refuse to
   accept a message on that basis.

https://tools.ietf.org/html/rfc5321#section-4.1.4

> In any case, there are some things it makes sense to block - no-one else should be running a mail server and claiming to be in my domain, stuff like that. Some basic protocol checks block a good proportion of spam - and very cheaply in terms of resources needed.

Correct. Mail servers have a variety of options to check the HELO name.
Another possibility to discard spammers claiming to be your domain is to set
SPF -all. That, however, has other drawbacks.
Best
Ale
--
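
The HELO checks discussed in this thread, as an added example that is not part of the original message and not taken from any mail server: a Python sketch that accepts address literals, rejects a HELO claiming a local domain from a foreign IP, and only flags a name that DNS does not confirm. `LOCAL_DOMAINS`, `LOCAL_NETS`, `classify_helo` and the ok/flag/reject policy are assumptions made for illustration, and the caller is assumed to do the DNS lookups.

```python
import ipaddress
import re

# Constructed sample policy data (assumptions, not from the thread).
LOCAL_DOMAINS = {"example.org"}
LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def _as_ip(text):
    try:
        return ipaddress.ip_address(text)
    except ValueError:
        return None


def classify_helo(helo, client_ip, confirmed_names=()):
    """Return (action, reason); action is "ok", "flag" or "reject".

    confirmed_names: names the caller already resolved for client_ip
    (reverse lookup, then forward lookup matching the IP).
    """
    ip = ipaddress.ip_address(client_ip)
    if helo.startswith("[") and helo.endswith("]"):
        # Address literal: the form RFC 5321 4.1.4 tells nameless clients to use.
        body = helo[1:-1]
        literal = _as_ip(body[5:] if body.lower().startswith("ipv6:") else body)
        if literal is None:
            return ("reject", "malformed address literal")
        if literal != ip:
            return ("flag", "address literal differs from client IP")
        return ("ok", "address literal")
    name = helo.rstrip(".").lower()
    if _as_ip(name) is not None:
        return ("reject", "bare IP address without brackets")
    labels = name.split(".")
    if len(labels) < 2 or not all(LABEL.match(part) for part in labels):
        return ("reject", "not a fully qualified domain name")
    # Local policy: our own names are only valid from our own networks.
    claims_local = any(name == d or name.endswith("." + d) for d in LOCAL_DOMAINS)
    if claims_local and not any(ip in net for net in LOCAL_NETS):
        return ("reject", "HELO claims a local domain from a foreign IP")
    # RFC 5321 4.1.4: a failed name/IP verification alone must not cause
    # refusal, so a mismatch only flags the session for scoring or logging.
    if name not in {n.rstrip(".").lower() for n in confirmed_names}:
        return ("flag", "HELO name not confirmed by DNS")
    return ("ok", "HELO name confirmed by DNS")
```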