Thanks for reading this.
I've just modified one of my ACLs by adding this stanza, which I thought
would flag MTAs whose HELO/EHLO didn't match their IP:
    warn
      message = X-HELO-Warning: Remote host $sender_host_address \
                ${if def:sender_host_name {($sender_host_name) }}\
                incorrectly presented itself as $sender_helo_name
      log_message = remote host presented unverifiable HELO/EHLO greeting.
      !verify = helo
When I sent myself a test message, I got this result:
Return-path: <bill_horne@???>
Envelope-to: exim@???
Delivery-date: Sun, 01 Oct 2006 15:33:23 -0400
Received: from mail1.sea5.speakeasy.net ([69.17.117.3]) by
    billhorne.homelinux.org with esmtp (Exim 4.50) id
    1GU73r-0003Lq-GZ for
    exim@???; Sun, 01 Oct 2006 15:33:23 -0400
Received: (qmail 31313 invoked from network); 1 Oct 2006 19:32:21 -0000
Received: from dsl092-086-246.bos1.dsl.speakeasy.net (HELO
    [192.168.10.91])
    (bill_horne@???) (envelope-sender
    <bill_horne@???>) by
    mail1.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP for
    <exim@???>; 1 Oct 2006 19:32:20 -0000
Message-ID: <452018B7.4090808@???>
Date: Sun, 01 Oct 2006 15:36:23 -0400
From: Bill Horne <bill_horne@???>
User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: exim@???
Subject: Test
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-HELO-Warning: Remote host 69.17.117.3 (mail1.sea5.speakeasy.net)
    incorrectly presented itself as mail1.sea5.speakeasy.net
X-Spam-Score: 0.0 (/)
Status: O
X-Status: O
Test
--
E. William Horne
William Warren Consulting
Computer and Network Installation & Service
Voice: 781 784-7287
(The speakeasy addresses have been munged for all the usual reasons)
Here's the entry from the Exim4 log:
2006-10-01 15:33:15 1GU73r-0003Lq-GZ H=mail1.sea5.speakeasy.net [69.17.117.3] Warning: remote host presented unverifiable HELO/EHLO greeting.
2006-10-01 15:33:23 1GU73r-0003Lq-GZ <= bill_horne@??? H=mail1.sea5.speakeasy.net [69.17.117.3] P=esmtp S=1179 id=452018B7.4090808@???
2006-10-01 15:33:23 1GU73r-0003Lq-GZ => exim <exim@???> R=local_user T=mail_spool
2006-10-01 15:33:23 1GU73r-0003Lq-GZ Completed
Of course, 69.17.117.3 is shown in the A record for mail1.sea5.speakeasy.net. There is, however, no PTR record.
The idea is that this ACL will flag MTAs whose A record doesn't match their HELO, but I'm missing something obvious: all suggestions welcome. TIA.
Bill Horne
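
Added example, not part of the original post and not Exim's implementation of `verify = helo`: a forward-only check of the kind the post describes as its goal, comparing the HELO/EHLO argument with the connecting address without any PTR lookup. The resolver, the function names and the `mx.example.net` / `192.0.2.x` / `2001:db8::` values are assumptions constructed for the example; only the `mail1.sea5.speakeasy.net` A record and the `[192.168.10.91]` literal come from the post.

```python
import ipaddress

# Constructed forward-DNS table so the example runs offline. The first entry
# is the A record reported in the post; the second name/address is made up.
SAMPLE_A_RECORDS = {
    "mail1.sea5.speakeasy.net": ["69.17.117.3"],
    "mx.example.net": ["192.0.2.25"],
}

def sample_resolver(name):
    """Hypothetical stand-in for an A/AAAA lookup; returns address strings."""
    return SAMPLE_A_RECORDS.get(name.rstrip(".").lower(), [])

def check_helo(helo, client_ip, resolve=sample_resolver):
    """Classify a HELO/EHLO argument against the connecting address.

    Returns 'literal-match', 'literal-mismatch', 'forward-match',
    'forward-mismatch' or 'unresolvable'. Reverse DNS is never consulted,
    so a host with a correct A record but no PTR still matches.
    """
    client = ipaddress.ip_address(client_ip)
    helo = helo.strip()
    # Address literal, e.g. "[192.168.10.91]" or "[IPv6:2001:db8::1]".
    if helo.startswith("[") and helo.endswith("]"):
        literal = helo[1:-1]
        if literal.lower().startswith("ipv6:"):
            literal = literal[5:]
        try:
            addr = ipaddress.ip_address(literal)
        except ValueError:
            return "literal-mismatch"  # malformed literal cannot match
        return "literal-match" if addr == client else "literal-mismatch"
    # Host name: compare every forward address with the connecting address.
    addresses = resolve(helo)
    if not addresses:
        return "unresolvable"
    if any(ipaddress.ip_address(a) == client for a in addresses):
        return "forward-match"
    return "forward-mismatch"

if __name__ == "__main__":
    # The connection from the post, then the private literal seen at the
    # inner hop, checked against a constructed public client address.
    print(check_helo("mail1.sea5.speakeasy.net", "69.17.117.3"))
    print(check_helo("[192.168.10.91]", "192.0.2.77"))
```
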