On Apr 20, 2004, at 12:56, Franz Georg Köhler wrote:
> On Di, Apr 20, 2004 at 07:45:31 +0200, Anand Buddhdev
> <anand@???> wrote:
>> domainlist local_domains = mysql;select distinct domain from users \
>> where domain='$domain';
>>
>> I then use the named list "local_domains" in various tests in the RCPT
>> ACL.
> This is what I use:
>
> deny message = Invalid HELO ($sender_helo_name): Your name is
> hard to believe.
> hosts = !+relay_from_hosts
> log_message = Forged HELO detected
> condition = ${if eq
> {${lc:$sender_helo_name}}{${lc:$domain}}{yes}{no}}
That probably will not cut it in Anand's case, because it seems like he
has a whole list of local domains. But maybe the following will (a
simplified version of what I use):
deny message = CAN-SPAM act violation
condition = ${if eq {${lookup
dnsdb{a=$sender_helo_name}{$value}}}\
{$interface_address}\
{true}{false}}
log_message = remote host used our name in HELO/EHLO greeting
delay = 20s
-tor
