[exim] check_helo_slow?

Author: j2
Date:  
To: exim-users
Subject: [exim] check_helo_slow?
Hello!

I have been using check_helo_slow for a while (I cannot recall where I found
it, and a search in the list archives came up blank, so I enclosed it
below).

But what I can't figure out is why messages such as the below are accepted?
Because statler (where this ACL is) should detect that the "farrell.tc" has
nothing to do with 220.83.164.21?

How can I be a "strictoid" and reject anything that doesn't have a proper
reverse-DNS that matches the helo? (Exim 4.41)

Return-path: <elvis.donahue@???>
Envelope-to: j2@???
Delivery-date: Sun, 09 Jan 2005 15:50:06 +0100
Received: from [10.4.0.1] (helo=statler.mupp.net)
    by cookiemonster.mupp.net with esmtp (Exim 4.41)
    id 1CneO3-0001y2-Bb
    for j2@???; Sun, 09 Jan 2005 15:49:47 +0100
Received: from [220.83.164.21] (helo=farrell.tc)
    by statler.mupp.net with smtp (Exim 4.41)
    id 1CneO0-0002v5-Rs
    for nsi-contact@???; Sun, 09 Jan 2005 15:49:46 +0100
Received: from 159.138.64.198 by smtp.larsen.dk;
    Sun, 09 Jan 2005 14:58:19 +0000
Message-ID: <2afa01c4f65b$852f7e97$f40dff21@???>
From: "Elvis Donahue" <elvis.donahue@???>
To: nsi-contact@???
Subject: Tadalafil Soft Tabs - Great results!
Date: Sun, 09 Jan 2005 17:57:48 +0300
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Content-Type: text/plain;
    charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-mupp.net-MailScanner: Found to be clean
X-MailScanner-From: elvis.donahue@???





acl_check_helo_slow:

#accept authenticated = *

# Accept ip address, nothing to check

  accept  condition     = ${if isip{$sender_helo_name}{yes}{no}}


# Get hostname

  warn    condition     = ${if eq {$sender_host_name}{}{yes}{no}}
          set acl_m8    = ${lookup dnsdb{ptr=$sender_host_address}\
                           {${lc:$value}}{}}


  warn    condition     = ${if eq {$sender_host_name}{}{no}{yes}}
          set acl_m8    = $sender_host_name


# Hostname matches HELO

  accept  condition     = ${if match {$acl_m8}\
                           {${lc:$sender_helo_name}}{yes}{no}}


# Lookup HELO

  warn    set acl_m9    = ${lookup dnsdb{a=$sender_helo_name}{$value}{}}


  warn    condition     = ${if eq {$acl_m9}{}{no}{yes}}
          set acl_m9    = ${tr{$acl_m9}{\n}{:}}


# HELO resolves to ip

  accept  condition     = ${if eq {$acl_m9}{}{no}{yes}}
          condition     = ${if match {$sender_host_address}\
                          {($acl_m9)}{yes}{no}}


# HELO does not exist and no rdns

  deny    condition     = ${if eq {$acl_m9}{}{yes}{no}}
          condition     = ${if eq {$acl_m8}{}{yes}{no}}
          message       = Bad HELO: $sender_helo_name does not resolve\n\
                          Additionally, $sender_host_address has no rDNS\n\
                          Please see RFC 2821 section 4.1.1.1,\n\
                          RFC 1123 section 6.1.1 and RFC 1912 section 2.1


# Accept bad/no rdns :(

  accept  condition     = ${if eq {$acl_m8}{}{yes}{no}}


# If HELO is the domain of the sender, hostname must match HELO

  deny    condition     = ${if eq {${lc:$sender_helo_name}}\
                          {${lc:$sender_address_domain}}{yes}{no}}
          message       = Forged HELO: you are $acl_m8\n\
                          please don't pretend to be $sender_helo_name
          log_message   = Forged HELO: Hostname does not match HELO


# Forged HELO (yahoo - international)

  deny    condition     = ${if match {$sender_helo_name}{yahoo}{yes}{no}}
          message       = Forged HELO: you are not $sender_helo_name
          log_message   = Forged HELO: Not a yahoo server


# Check list of domains which HELO should match the hostname

  warn    set acl_m9     = ${lookup{$sender_helo_name} \
                           partial-lsearch{/etc/exim/helo-check} \
                          {${if eq{$value}{}{$sender_helo_name}{$value}}}{}}


# Not in match list

  accept  condition      = ${if eq {$acl_m9}{}{yes}{no}}


# Forged HELO (HELO does not match host)

  deny    condition      = ${if !match{$acl_m8}{$acl_m9}{yes}{no}}
          message        = Forged HELO: you are not $sender_helo_name
          log_message    = Forged HELO: Not a $acl_m9 server


# Everything fine

  accept
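
The following is an added example, not part of the original post and not Exim code: a Python model of the ACL above, statement by statement, that reports which rule a given client reaches, plus a stricter check of the kind the post asks about. The DNS answers, the `sender.example` and `host.isp.example` names, the 192.0.2.x addresses, the `strict_helo` helper and the suffix-match handling of /etc/exim/helo-check are assumptions made for illustration.

```python
import ipaddress
import re

def _isip(s):
    try:
        ipaddress.ip_address(s)
        return True
    except ValueError:
        return False

def check_helo_slow(helo, host_ip, ptr, helo_a, sender_domain, helo_check=None):
    """Model of the posted ACL, statement by statement: (verdict, rule reached).

    ptr: PTR name of host_ip ("" if none); helo_a: A records of the HELO name.
    helo_check: {domain: value} standing in for /etc/exim/helo-check
    (assumption: partial-lsearch simplified to a domain-suffix match).
    """
    helo_lc, m8 = helo.lower(), ptr.lower()
    if _isip(helo):
        return "accept", "ip address"
    # Exim's match is an unanchored regex search; the HELO is the pattern.
    if re.search(helo_lc, m8):
        return "accept", "hostname matches HELO"
    m9 = ":".join(helo_a)
    if m9 and re.search("(" + m9 + ")", host_ip):
        return "accept", "HELO resolves to ip"
    if not m9 and not m8:
        return "deny", "HELO does not exist and no rdns"
    if not m8:
        return "accept", "bad/no rdns"
    if helo_lc == sender_domain.lower():
        return "deny", "HELO is the sender domain"
    if re.search("yahoo", helo):
        return "deny", "yahoo"
    table = helo_check or {}
    key = next((d for d in table if helo_lc == d or helo_lc.endswith("." + d)), None)
    if key is None:
        return "accept", "not in match list"
    if not re.search(table[key] or helo, m8):
        return "deny", "HELO does not match host"
    return "accept", "everything fine"

def strict_helo(helo, host_ip, ptr, ptr_a):
    """Stricter policy: PTR must exist, forward-confirm to host_ip, and equal the HELO."""
    return bool(ptr) and host_ip in ptr_a and ptr.lower() == helo.lower()

# Constructed DNS answers for the client in the headers (not real lookups).
NO_PTR = check_helo_slow("farrell.tc", "220.83.164.21", "", ["192.0.2.10"], "sender.example")
OTHER_PTR = check_helo_slow("farrell.tc", "220.83.164.21", "host.isp.example", [], "sender.example")
```

With these constructed answers the client is accepted either by the "Accept bad/no rdns" rule or by the "Not in match list" rule, while `strict_helo` rejects it in both cases.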