Billy Harvey wrote:
> More and more of the spam I receive is sending the HELO line with *my*
> IP address. In the Received headers this is easy enough to see and
> auto-delete, but I want to be able to reject at recipt time - that is if
> the actual IP address doesn't match the stated IP address, I want to
> reject the mail.
>
> Any guidance on this?
I use:
deny message = Faked IP in HELO/EHLO
condition = ${if match{$sender_helo_name}{\N^\d{1,3}(\.\d{1,3}){3}$\N}{yes}{no}}
!verify = helo
it does not work in the HELO ACL (yet), but you should give your local users
a chance to AUTH first anyway, so put it the MAIL or RCPT ACL.
Regards
Oliver
