Re: [exim] Rejecting faked numeric HELO

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Frank Elsner
Dátum:  
Címzett: John Horne
CC: exim-users
Tárgy: Re: [exim] Rejecting faked numeric HELO
On Mon, 06 Jun 2005 14:44:15 +0100 John Horne wrote:
> On Mon, 2005-06-06 at 14:29 +0200, Frank Elsner wrote:
> >
> > I use with success:
> >
> >   deny message = Illegal argument in HELO/EHLO ($sender_helo_name)
> >        log_message = Strange IP addr given
> >        condition = ${if and {\
> >                        { isip {$sender_helo_name}}\
> >                        { !eq  {$sender_helo_name}{$sender_host_address}}\
> >                        { !eq  {$sender_helo_name}{[$sender_host_address]}}\
> >                             }\
> >                         {yes}{no}}

> >
> Hello,
>
> Surely though if 'isip' matches the sender_helo_name, then an IP literal
> (in the square brackets) will never match the sender_host_address (so
> your third test will always be true)? I'm assuming that 'isip' matches
> an actual IP address, and not an IP address in square brackets?
>
> Secondly, my understanding was that an IP-literal was allowed (by RFC)
> in the HELO command, and as such there's no reason for rejecting it?


Yes, an IP is allowed but it must be the one of the sending host.


--Frank Elsner