SpamAssassin Rule: HELO_DYNAMIC_DHCP
Standard description: Relay HELO'd using suspicious hostname (DHCP)
Explanation
An untrusted relay used a hostname (FQDN) as a HELO argument during a SMTP transaction that appears to suggest a dynamically allocated hostname. For example "dhcp192-0-2-32.example.com".
This style of hostname is commonly found in the reverse DNS records for dynamically allocated addresses. It's possible that a spam-engine on a hijacked PC will use a reverse DNS lookup of its own address to formulate a valid HELO argument.
Further Info
The default scores for this rule can be found ![[WWW]](/wiki/modern/img/moin-www.png){kind=small}
in the online list of tests.
See also Rules/HELO_DYNAMIC_IPADDR
The IETF's dnsop working group has a draft memo regarding a suggested naming scheme for reverse DNS.