On Wed, 07 Jul 2004 15:06:17 BST Ron McKeating wrote:
> Hi all, we are seeing lots of spam with H=(our ip address) eg
>
> H=(158.125.1.193) [210.114.196.215]
Here's my ACL to catch them
check_helo:
deny hosts = !127.0.0.0/8
message = Illegal argument in HELO/EHLO ($sender_helo_name)
log_message = Strange IP addr given
condition = ${if and {\
{ isip {$sender_helo_name}}\
{ !eq {$sender_helo_name}{$sender_host_address}}\
{ !eq {$sender_helo_name}{[$sender_host_address]}}\
}\
{yes}{no}}
deny hosts = !127.0.0.0/8
message = Illegal HELO/EHLO (You really can't be $primary_hostname)
log_message = Illegal HELO/EHLO (primary_hostname)
condition = ${if eq {${lc:$sender_helo_name}}{${lc:$primary_hostname}}\
{yes}{no}}
accept
Your milage may vary :-)
Regards _______________________________________________________________
Frank Elsner / c/o Technische Universitaet Berlin |
____________/ ZRZ, Sekr. E-N 50 |
| Einsteinufer 17 |
| Phone: +49 30 314 23897 D-10587 Berlin |
| eMail: Elsner@??? Germany ___________________|
|_________________________________________________________| Wegen dem Gedanken
