Toralf Lund wrote:
> Peter Bowyer wrote:
>
>> Toralf Lund said:
>>
>>
>>> I just noticed that the following
>>>
>>> warn !verify = helo
>>> message = Message sent with invalid HELO/EHLO
>>> ($sender_host_name
>>> [$sender_host_address] presented itself as $sender_helo_name)
>>>
>>>
>>> in "check_recipient" will produce
>>>
>>> X-ACL-Warn: Message sent with invalid HELO/EHLO (localhost [127.0.0.1]
>>> presented itself as [127.0.0.1])
>>>
>>> in all outgoing messages sent via "localhost". That's when using
>>> Mozilla
>>> client. What's the best way around this? Perhaps I don't need the HELO
>>> check when sending like this, but I do want it for incoming messages,
>>> and possibly also hosts the setup relays for...
>>>
>>>
>>
>> It's easy enough to disable it for localhost (hosts = ! 127.0.0.1 for
>> example).
>>
> It turns out I have
>
> helo_try_verify_hosts = !127.0.0.1 : \N!^(.*\.|)(DOMAINS)$\N
>
> (where DOMAIN is the list of local domains.) Shouldn't that mean that
> localhost isn't checked? Or do I need to exclude it in the actual ACL?
> I'm not sure I understand exactly how e.g.
>
> warn !verify = helo
>
> is "connected" to "helo_verify_hosts" or "helo_try_verify_hosts"
Actually, maybe the problem is that the HELO is, strictly speaking, not
verified since the verification is skipped. The real question is perhaps:
How do I distinguish between "not checked" and "verification failed"?
- T
