On 24 Jul 2005 at 19:12, Roman Khassraf wrote about
"Re: [exim] no ehlo possible when se":
| i tested the IP with -bh command, and the IP worked fine.
So I'm not crazy. Good! ;)
| i think you are right with the firewall
| the client is behind a cisco 836 dsl router, installed and maintained by the
| ISP, i think that mailguard feature is on.
| i will check that out
Cisco has a lot to answer for IMHO.
| hey fred, thanks a lot for your help
No problem. BTW, I see John pointed out the problem with your IP
match expression. FWIW, I do similar helo checks a little
differently. I have these in my RCPT ACL (not HELO ACL so the
roadwarrior clients can authenticate):
# Reject messages from non-local, non-authenticated servers
# claiming to be us
deny message = Spoofed server name detected
!hosts = +relay_from_hosts
!authenticated = *
condition = ${if or { \
{match {${lc:$sender_helo_name}} {epitools\.com}} \
{match {${lc:$sender_helo_name}} {episupport\.com}} \
{match {${lc:$sender_helo_name}} {embeddedperformance\.com}} \
{eq {$sender_helo_name} {[66.166.77.34]}} \
{eq {$sender_helo_name} {66.166.77.34}} \
} {yes} {no}}
# Reject hosts that HELO with an IP address. Promoted from quarantine
# after 90 days with no false positives.
deny message = rejected, invalid HELO name (give your name, not your IP address)
condition = ${if isip {$sender_helo_name}{true}{false}}
- Fred
