#language en
== SpamAssassin Rule: HELO_DYNAMIC_DHCP ==

''Standard description:'' Relay HELO'd using suspicious hostname (DHCP)

=== Explanation ===

An untrusted relay used a hostname (FQDN) as a HELO argument during a SMTP transaction that appears to suggest a dynamically allocated hostname. For example "dhcp192-0-2-32.example.com".

This style of hostname is commonly found in the reverse DNS records for dynamically allocated addresses.  It's possible that a spam-engine on a hijacked PC will use a reverse DNS lookup of its own address to formulate a valid HELO argument.

=== Further Info ===

The default scores for this rule can be found [[http://spamassassin.apache.org/tests.html|in the online list of tests]].

See also [[Rules/HELO_DYNAMIC_IPADDR]]

The IETF's [[http://www.ietf.org/html.charters/dnsop-charter.html|dnsop]] working group
has a draft memo regarding a [[http://tools.ietf.org/html/draft-msullivan-dnsop-generic-naming-schemes-00|suggested naming scheme]] for reverse DNS.

----
CategoryRule