> > # Reject HELOs that contain IP addresses unless we are a relay for
> > # them. I realize this might not be a good idea, but haven't seen
> > # any legit HELOs to this server with IPs.
> > deny !hosts = +relay_from_hosts
> > message = HELO may not be an IP address
> > condition = ${if match{$sender_helo_name}{\N^\[?\d+\.\d+\.\d+\.\d+\]?$\N}{yes}{no}}
>
> As far as I'm concerned, no relay_from host may give an IP number in a
> helo/ehlo. Nobody else, either. If necessary for yourself, you can use
> sender_host_address or extract the client's IP number form
> sender_fullhost - you don't need a regex.
The reason I used a regex is to see if the HELO was an IP (regardless of
who's it is) I couldn't think of a better way to test for that. As far as
relay_from_hosts, all I relay for is internal IPs which I don't care if HELO
is accurate or not (most of them just show up as "x")
> > {eq{$sender_helo_name}{hotmail.com}} \
> > {eq{$sender_helo_name}{msn.com}} \
>
> For all of this stuff, you could do a lookup, once and for all.
I could, that was just my first idea that expanded to that.
How would I do a lookup when I know a site might be like hotmail/msn?
How do I test if the db file would be:
msn.com *.hotmail.com:*.msn.com
hotmail.com *.hotmail.com:*.msn.com
I don't fully understand lookups yet.