At 15:09 -0400 2003/05/02, William Thompson wrote:
[...]
> # Reject HELOs that contain IP addresses unless we are a relay for
> # them.
> drop !hosts = +relay_from_hosts
> message = ${lookup \
> mysql{select reject_reason \
> from eximconf.reject_messages \
> where reject_name='ip_helo'} \
> {${expand:$value}} \
> }
> log_message = HELO is an IP
> condition = ${if
>match{$sender_helo_name}{\N^\[?\d+\.\d+\.\d+\.\d+\]?$\N}{yes}{no}}
[...]
I think an IP as an HELO argument is within specs. At the same time I
think that any respectable mailserver would identify itself with a
name that resolves to its outgoing interface IP.
Presently I would accept an IP HELO unless it does not correspond to
the real IP of the peer (but my policy might change...).
I can confirm that a HELO check (also combined with a sender address
pattern check) can block most spam (even without RBLs), but it can be
the source of headaches with admins that cannot/want not to configure
their servers properly.
Giuliano
