James:
>
>2002-12-08 19:24:17 H=h-64-105-159-234.phlapafg.covad.net
>(puns01.punsterproductions.com) [64.105.159.234] F=<your@address>
>rejected RCPT <my@address>: MESSAGE REJECTED BECAUSE LIKELY FORGED
>SENDER. CONTACT OUR POSTMASTER IF THIS IS NOT TRUE.
this will not happen anymore here. I found out that my rule was too
strict for some stupid ebay server to get through:
2002-12-11 12:52:44 H=mx1.emailebay.com (campaign-4.sjc.ebay.com)
[216.33.156.121] F=<eBay.[a long string of numbers]@reply.ebay.com>
rejected RCPT <my@address>: MESSAGE REJECTED BECAUSE LIKELY FORGED
SENDER...
In this case, as in yours, the HELO does resolve to the host IP
address, although the reverse does not. So the rule now does this
check too in case the other criterium fails:
condition = ${if eq {$sender_host_name}{}{defer}{yes}}
condition = ${if and{\
{!eq \
{${extract{-2}{.}{$sender_host_name}{$value}fail}}\
{${extract{-2}{.}{$sender_helo_name}{$value}fail}}\
}\
{!eq \
{${lookup dnsdb{A=$sender_helo_name}{$value}{}}}\
{$sender_host_address}\
}\
}\
{yes}{no}\
}
arguably it could be written in a more readable form.
Giuliano
--
H U M P H
|| |||
software
Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/