I think I'm having a bit of a "duh" moment.
I'm trying to block mail that comes in through my secondary MX, where
any header contains the line "helo=ip.add.re.ss"
Eg:
Received: from <relay> ([<relay's ip>])
by pear.silverwraith.com with esmtp (Exim 4.30; FreeBSD)
id 1B2yMr-000NUM-Ls
for <rcpt addr>; Mon, 15 Mar 2004 12:07:21 -0800
Received: from acc2ecbd.ipt.aol.com ([172.194.236.189] helo=172.194.236.189)
by <relay> with smtp (Exim)
id 1B2yMo-0001QW-00
for <rcpt addr>; Mon, 15 Mar 2004 12:07:21 -0800
deny hosts = <relay>
message = Bad person passing through relay
condition = ${if match {$h_received:}{helo=[\d+\.\d+\.\d+\.\d+]}{yes}{no} }
This doesn't seem to catch it..
--
Avleen Vig
Systems Administrator
Doing virtual domain hosting with Exim?
Check out Virtual Exim: http://silverwraith.com/vexim
(Click the banner, support development..)
