On Tue, 6 Apr 2004, Tor Slettnes wrote:
> You could do that; and rather than hardcoding an IP address, I would do
> the following:
>
> deny message = You claim to be me? Go away!
> condition = ${if eq {$sender_helo_name}{$interface_address} \
> {true}{false}}
The only problem with this is my server is behind a layer 4 switch (load
baalancer) so $interface_address is not the public address.
> But frankly, _any_ IP address in a HELO/EHLO greeting is invalid, so
> long as it is not an IP literal enclosed within square brackets:
> EHLO [192.168.1.2]
>
>
> Thus, I would (and do):
>
> deny message = You greeted me with an IP address. I want your
> name.
> condition = ${if isip {$sender_helo_name}{true}{false}}
>
Nice. I'll have to double check my logs make sure I don't have any
boneheaded customers breaking the rfc and maybe implement that.
Thanks
-S
--
Scott Call Router Geek, ATGi, home of $6.95 Prime Rib
I make the world a better place, I boycott Wal-Mart
VoIP incoming: +1 360-382-1814
