Re: [exim] check_helo_slow?

Página Inicial
Delete this message
Reply to this message
Autor: David
Data:  
Para: j2
CC: exim-users
Assunto: Re: [exim] check_helo_slow?

Hi !!

> How can be a "strictoid" and reject anything that doesnt have a proper
> reverse-DNS that matches the helo? (Exim 4.41)
>
> # HELO does not exist and no rdns
>
>  deny    condition     = ${if eq {$acl_m9}{}{yes}{no}}
>          condition     = ${if eq {$acl_m8}{}{yes}{no}}
>          message       = Bad HELO: $sender_helo_name does not resolve\n\
>                          Aditionally, $sender_host_address has no rDNS\n\
>                          Please see RFC 2821 section 4.1.1.1,\n\
>                          RFC 1123 section 6.1.1 and RFC 1912 section 2.1


    add this here:


    # HELO does not resolve to ip


    deny    condition     = ${if eq {$acl_m9}{}{no}{yes}}
            message       = Forged HELO: you are $sender_host_address\n\
                            please don't pretend to be $sender_helo_name
            log_message   = Forged HELO: HELO does not match client ip


If you try it, please let me now how much 'false positives' you get

--
Best regards ...

----------------------------------------------------------------
    David Saez Padros                http://www.ols.es
    On-Line Services 2000 S.L.       e-mail  david@???
    Pintor Vayreda 1                 telf    +34 902 50 29 75
    08184 Palau-Solita i Plegamans   movil   +34 670 35 27 53
----------------------------------------------------------------