Re[2]: [Exim] exim HELO ack

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Exim Users List
Date:  
À: Exim Users List
Sujet: Re[2]: [Exim] exim HELO ack
On Wed, 27 Aug 2003 17:34:28 +0100 Jez Hancock <jez.hancock@???> wrote:
> Is it not even more expedient to drop bad HELO/EHLOs in an acl_smtp_helo
> ACL or is this potentially problematic?


it depends on your circumstances. there's a sound reason to exclude
relay_hosts from the FQDN test at corporate sites where internal M$ hosts
are likely using non-FQDNs when sending mail.

once you make sure that you're not excluding legit hosts, i see no reason
not to use drop at the earliest possible moment when you are reasonably
certain you're dealing with a bad actor like a virus infested M$ box.
likewise, if a host is listed in opm.blitzed.org or cbl.abuseat.org, it's
almost certain to be a program that isn't going to care about the 5xx
you're sending back, so you might as well detect and drop as early as
possible.

richard
--
Richard Welty                                         rwelty@???
Averill Park Networking                                         518-573-7592
    Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security