Re: [Exim] exim HELO ack

Author: John W. Baxter
Date:  
To: exim users
Subject: Re: [Exim] exim HELO ack
On 8/31/2003 8:28, "Suresh Ramasubramanian" <linux@???> wrote:

> # Forged hostname -HELOs as one of my own IPs
> deny message = Forged IP detected in HELO: $sender_helo_name
>        hosts = !+relay_from_hosts
>        log_message = Forged IP detected in HELO: $sender_helo_name
>    condition = ${if \
>    eq{$sender_helo_name}{$interface_address}{yes}{no}}


Suresh...

I (think I) understand what you're doing. I don't quite understand one of
the policies implemented...is it really OK if someone at one of your
relay_from_hosts elects to forge your mail server's IP address as the IP
address in EHLO/HELO in lieu of a real name?

Or is the hosts = part left over from the other two acl statements (not
quoted) where it makes perfect sense?

Or have I missed something (such as some relay_from_hosts really do have the
same IP but no name)?

--John