On Sun, 2 May 1999, Ben Smithurst wrote:
> > A log entry of an "incoming" mail looks similar to this:
> > /date, time, id/ <= guy_in_a@??? H=host.sending.dom (sending.dom)
> > /IP, protocol, size, id/
> >
> > Relaying can be allowed by inserting *.sending.dom to
> > sender_host_accept_relay .
> >
> > *Is there a way to also check if the term in brackets (sending.dom)
> > matches a given pattern?*
>
> Even if there is, it would probably be unwise to use it. That string
> in brackets is just the argument the remote SMTP client gives to the
> HELO/EHLO command. So, it is trivial to forge this information and
> shouldn't be trusted, IMHO. Why do you want to use that information
> anyway -- what is wrong with just using the hostname or IP address?
Greetings,
I need to check the HELO-string as additional proof. There is one host
that has to relay mail over my host since their ISPs SMTP-Server is _way_
too slow. Since this host has a dynamic IP and a fqdn from its ISP,
checking the net (IP) would not help at all - there would still all
customers of that ISP be able to relay mail through my computer.
Checking the HELO string (and the host name) wouldn't necessarily block a
spammer from pretending to be an allowed host, but it would minimize the
risk. At least I think so :|
Regards,
Volker
--
------------------------------------------------------------------------
Volker T. Mueller Albert-Ludwigs-Universitaet Freiburg im Breisgau
Student der Informatik vtmue@??? +49 761 355-03 -80(fax)
"Wer unter euch meint, weise zu sein in dieser Welt,
der werde ein Narr, daß er weise werde." 1.Kor 3,18
--
*** Exim information can be found at
http://www.exim.org/ ***
