In case this is useful to someone:
Unless I'm mistaken, exim's only helo/ehlo check is the full RFC check
(check given hostname vs hostname retrieved via a reverse lookup on the IP)
While it's indeed against the RFC's intent (although not spelled out), there
are reasons why you can get hostnames given in HELO that do not resolve on
the internet (host behind NAT) or that don't match the host that connected
to you (load balancing SMTP servers that helo as a domain but reverse to
their individual hostnames, although I'll agree that one is shaky)
Anyway, the point being that full ehlo checking will reject a fair amount of
legitimate Email.
You can however do a limited check, which will get rid of all the bogus non
domain values that virii and other junk senders give you for HELO
Here's that I wrote:
acl_check_rcpt:
deny message = "HELO/EHLO required by SMTP RFC"
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
deny message = "Invalid domain or IP given in HELO/EHLO"
!condition = ${if match{$sender_helo_name}{\\\.}{yes}{no}}
Feel free to reuse
Cheers,
Marc
--
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page:
http://marc.merlins.org/ | Finger marc_f@??? for PGP key
