From a90c881ae5ab4fd70d8cf7214de91725ec86f7b5 Mon Sep 17 00:00:00 2001
From: Matt Simerson <matt@tnpi.net>
Date: Fri, 15 Mar 2013 22:16:06 -0700
Subject: [PATCH] helo: added comments

---
 plugins/helo | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/plugins/helo b/plugins/helo
index ef06dcc..aace329 100644
--- a/plugins/helo
+++ b/plugins/helo
@@ -368,6 +368,7 @@ sub is_forged_literal {
     my ( $self, $host ) = @_;
     return if $host !~ m/^\[(\d{1,3}\.){3}\d{1,3}\]$/;
 
+# should we add exceptions for reserved internal IP space? (192.168,10., etc?)
     $host = substr $host, 1, -1;
     return if $host eq $self->qp->connection->remote_ip;
     return ("Forged IPs not accepted here", "forged IP literal");
@@ -444,6 +445,9 @@ sub no_reverse_dns {
 sub no_matching_dns {
     my ( $self, $host ) = @_;
 
+# this is called iprev, or "Forward-confirmed reverse DNS" and is discussed in RFC 5451
+# consider adding header: Authentication-Results
+
     if ( $self->connection->notes('helo_forward_match') &&
          $self->connection->notes('helo_reverse_match') ) {
         $self->log( LOGDEBUG, "foward and reverse match" );