Marc MERLIN [8/4/2003 8:54 AM] :
> True, but due to how it's used, it needs to be a list, not an RBL.
> That said, this can be added to the config file as an ACL for rejecting
> connections.
also available as a wgettable text file - a cronjob to fetch it
periodically and build a cdb out of it might be an idea.
> Not a bad idea.
> I take contributions :-)
code for this was posted sometime back on exim-users - something like:
# Be polite and say HELO. Reject anything from hosts that havn't given
# a valid HELO/EHLO to us.
deny condition = ${if \
or{{!def:sender_helo_name}{eq{$sender_helo_name}{}}}{yes}{no}}
message = RFCs mandate HELO/EHLO before mail can be sent
# Forged HELOs
deny message = Forged hostname detected in HELO
hosts = !+relay_from_hosts
log_message = Forged HELO detected
condition = ${if eq
{${lc:$sender_helo_name}}{${lc:$primary_hostname}}{
yes}{no}}
deny message = Forged IP detected in HELO
hosts = !+relay_from_hosts
log_message = Forged IP detected in HELO: $sender_helo_name
condition = ${if
eq{$sender_helo_name}{$interface_address}{yes}{no}}
For extra points, sender_helo_name is checked against a list of your
local / virtual domains. Like if you host domain.com and someone sends
you HELO domain.com ...
srs
