Re: [Exim] HELO syntax check at RCPT

Top Pagina
Delete this message
Reply to this message
Auteur: Peter Bowyer
Datum:  
Aan: exim-users
Onderwerp: Re: [Exim] HELO syntax check at RCPT
James P. Roberts <punster@???> wrote:
> Greetings,
>
> Is it possible to enforce the HELO/EHLO syntax check at RCPT time
> instead of HELO time? My logs are starting to fill up with junk from
> syntactically invalid hosts (yes those stupid underscores), that keep
> retrying many, many times.
>
> I do not wish to accept from these hosts. I just want to give them a
> 5xx at RCPT time so they will (hopefully) stop retrying.
>
> I probably just need more coffee. Any suggestions?


Sure - use helo_accept_junk_hosts or helo_accept_chars to prevent exim from
rejecting them at HELO time, then write a condition which inspects
$sender_helo_name and use it in your acl-smt-rcpt acl.

This one, for example, rejects recipients who HELOd with our IP address :

deny message = Forged IP detected in HELO: $sender_helo_name
       hosts = !+relay_from_hosts
       log_message = HELOd with our IP: $sender_helo_name
       condition = ${if \
          eq{$sender_helo_name}{$interface_address}{yes}{no}}


Maybe you want

condition = $if { match { $sender_helo_name} {*_*} {yes}{no}}

to find HELO names with underscores.

(untested)

There isn't (AFAIK) a generic test for a legal helo name - you need to roll
your own.

Peter