[exim] Re: Help with helo check, please...

Top Page
Delete this message
Reply to this message
Author: John Hall
Date:  
To: exim-users
Subject: [exim] Re: Help with helo check, please...
"Toralf Lund" <toralf@???> wrote in message
news:41F8C734.5020205@???...

> Also, the IP address test in check_helo seems to work if I hardcode
> the address like this:
>
>    deny condition = ${if or {{eq
>    {$sender_helo_name}{193.214.130.4}}{match
>    {${lc:$sender_helo_name}}{\N^(.*\.|)(DOMAINS)$\N}}}{1}{0}}
>           message   = Do not pretend to be me, impostor

>
> So maybe $interface_address just isn't set the way I expected. (Any ideas
> why?)


The relevant sections from my exim.conf are as follows:

  # Reject HELO that matches my external IP
  deny message = Forged IP detected in HELO: $sender_helo_name
    hosts = !+relay_from_hosts
    log_message = Forged IP detected in HELO: $sender_helo_name
    condition = ${if eq{$sender_helo_name}{$interface_address}{yes}{no}}


  # Reject HELOs that are on a list of previously seen forged HELOs (mainly
  # matches on my domain names)
  deny message = Suspected forgery in HELO: $sender_helo_name
    hosts = !+relay_from_hosts
    log_message = Forged hostname detected in HELO: $sender_helo_name
    condition = ${lookup {$sender_helo_name} lsearch 
{/etc/mail/forged_helo}{yes}{no}}


As you can see, I am using $interface_address, and it definitely works.

I have a file, /etc/mail/forged_helo that contains a list of several
local domains and hosts.

Regards,
John