Hi all,
I recently found this rule on the net and found it caught a lot of spam:
  deny message     = Invalid HELO. You must be spam or a virus.
       log_message = HELO/EHLO invalid domain (no dot)
       condition   = ${if match{$sender_helo_name}{\\.}{no}{yes}}
Unfortunately (as if I could not have guessed that) it also prevents
some of our customers from sending mail, who use dynamic IP and shitty
MUAs from Redmond.
I am not the ultimate expert but to my knowledge SMTP AUTH takes place
after HELO, doesn't it? Would it be possible to set sort of a flag in
this case of malformed HELO and recall it later at the acl_smtp_rcpt
level? At that point I know whether I am talking to a "foreign" mail
server or to a properly authenticated customer's client and could shut up
the former one.
Or is there any other way to get this working? (Telling customers to use
something else is - unfortunately - not an option).
I'd appreciate any hints.
br,
Fionn
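
An added example, not part of the original post: one way to apply the rule above only to unauthenticated clients is to evaluate it in the RCPT ACL, where $sender_helo_name is still available and the result of AUTH is known, so no separate flag is needed. The ACL name acl_check_rcpt is an assumption; use whatever name your configuration already assigns to acl_smtp_rcpt.

```exim
# Main configuration section: the ACL run for every RCPT command.
# (acl_check_rcpt is an assumed name, not taken from the post.)
acl_smtp_rcpt = acl_check_rcpt

begin acl

acl_check_rcpt:

  # Same dot-less HELO test as in the post, moved from HELO time to
  # RCPT time. By now any AUTH exchange has completed, so clients that
  # authenticated (the customers' MUAs) can be exempted.
  deny message        = Invalid HELO. You must be spam or a virus.
       log_message    = HELO/EHLO invalid domain (no dot)
       !authenticated = *
       condition      = ${if match{$sender_helo_name}{\\.}{no}{yes}}

  # ... the existing RCPT checks (relay control, recipient
  # verification, final accept/deny) continue below ...
```

For this to take effect, the original deny must be removed from the HELO ACL; if it stays there, the client is rejected before it gets a chance to authenticate.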