[Pymilter] hostname in Authentication-Results

Stuart D Gathman stuart at gathman.org
Mon Mar 10 20:43:36 EDT 2025


On Mon, 10 Mar 2025, Marco Moock wrote:

> m at srv1:~$ hostnamectl
> Static hostname: srv1

This is not a FQDN.

Mine:
[stuart at mail ~]$ hostnamectl
    Static hostname: mail.gathman.org

> I've read many docs that say /etc/hostname should only contain the
> hostname and not the FQDN. The question is what

That seems totally wrong to me.  What is the justification?  Where is
an example?  I have been doing email since before SMTP (UUCP ftw).  I
have been fighting this tendency to use unqualified names for at least 3
decades.  I've read many totally ignorant and wrong docs say HELO should
contain an unqualified name (directly contradicting the RFC).

>> 4) Have pyspf use milter API to obtain the MTA name configured for
>> HELO
>> - which is *supposed* to be the fully qualified hostname.  Again, this
>> is misconfigured even more often than hostname.
>
> It isn't wrong on my machine, just checked with sendmail -v

That might be a good approach.  Also, milters can run on a different
host than the MTA, and the "hostname" in Received-SPF is the MTA
hostname.  So it might be the more correct approach.

>> throw a (hopefully informative) exception if that is not that case.
>>
>> Have listed these, I lean toward #5.
>
> Would it be reasonable to have such a feature in the normal release?

Yes, I think it should try various methods to get hostname, and
it none of them yield a FQDN - give up and throw an exception.
Should probably log the various methods tried at startup as well.


More information about the Pymilter mailing list