On Wed, Aug 21, 2002 at 02:28:30PM +0100, Chris Edwards wrote:
> Could be missing something. But haven't found it yet...
>
> Setting helo_verify_hosts checks the HELO string exactly matches the
> reverse DNS of the calling IP, which is *much* stricter. Sadly on today's
> internet this rejects virtually all mail! (perhaps slight exaggeration...)
I wrote this for my servers:
(rcpt ACL)
# Accept mail to postmaster in any local domain, regardless of the source,
# and without verifying the sender.
accept domains = +local_domains
local_parts = postmaster
deny message = "HELO/EHLO required by SMTP RFC"
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
deny message = "Invalid domain or IP given in HELO/EHLO"
!condition = ${if match{$sender_helo_name}{\\\.}{yes}{no}}
Marc
--
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/ | Finger marc_f@??? for PGP key