Re: [Exim] HELO acl

Góra strony
Delete this message
Reply to this message
Autor: Tony Earnshaw
Data:  
Dla: exim-users@exim.org
Temat: Re: [Exim] HELO acl
man, 2003-03-31 kl. 14:52 skrev William Thompson:

> > > No. Consider the fine example of an IP which is not one of yours sending
> > > you mail claiming it is a host in your domain. Like - some random korean IP
> > > connects to you and says "HELO perlgolf.de"
> >
> > Wow, a spammer who tries to greet my host directly :)
> >
> > But ok, you're right, I think some spam could be refused with a helo-check
> > (hosts pretending to be aol/yahoo/etc.).
> >
> > But heuristic checks (helo-name has to match hostname) aren't an option.
> > Checks for the usual faked helo-names are ok.
>
> I have also seen HELOs that are nothing by MY own IP address. That's pretty
> much an indication of spam...


But you can insist on a helo/ehlo that is not an IP number, insist on a
host name:

deny  message   = "Invalid domain given in HELO/EHLO"
!condition      = ${if
match{$sender_helo_name}{$sender_host_name}{yes}{no}}


> I'm not sure about HELOs that are IPs. How many legit email would be
> blocked by that?


That's why I talk about myself maybe being blue-eyed. In my present
position I can deny what I like. In an earlier existence as mailadmin
for a firm that had all sorts of customers (Exim 3), I had to have a
lookup file in which I stuffed the IP numbers or host names of
individual customers with broken mail servers, mostly MS Exchange, and
made them exceptions. It depends on who is paying you for doing what.

Best,

Tony

--

Tony Earnshaw

e-post:        tonni@???
www:        http://www.billy.demon.nl