Re: [exim] Using CSA in Exim

Top Page
Delete this message
Reply to this message
Author: Tony Finch
Date:  
To: John Horne
CC: Exim users
Subject: Re: [exim] Using CSA in Exim
On Mon, 23 May 2005, John Horne wrote:
>
> I'm installing Exim 4.51 on to a server and including the new CSA patch
> so that we can test it a bit.


Cool!

> By 'bare IP address' I assume something like '10.1.2.3' - no surrounding
> square brackets. Surely though it is a relatievly common practice to
> reject mail from those hosts using just an IP address in their HELO
> command? As such, this CSA check (for a bare IP address) is not likely
> to succeed unless it preceeds the usual HELO checks.


If you want to be more strict than the CSA patch that's fine; it is
deliberately conservative.

One of the common variants of the IP address HELO heuristic is to reject
only if the client used the server's IP address. You can use CSA records
in the reverse DNS to implement this check, just like CSA records in the
forward DNS implement the corresponding check for domain names. I decided
to treat bare IP addresses as IP addresses rather than domains because
that is more useful (though less correct).

Tony.
--
<fanf@???> <dot@???> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}