Re: [exim] Punishing malformed HELO at acl_smtp_rcpt level?

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Peter Bowyer
Date:  
À: exim-users
Sujet: Re: [exim] Punishing malformed HELO at acl_smtp_rcpt level?
On 09/01/07, Fionn Behrens <fionn@???> wrote:
>
> Hi all,
>
> I recently found this rule on the net and found it caught a lot of spam:
>
>  deny message = Invalid HELO. You must be spam or a virus.
>    log_message = HELO/EHLO invalid domain (no dot)
>    condition = ${if match{$sender_helo_name}{\\.}{no}{yes}}

>
> Unfortunately (as if I could not have guessed that) it also prevents
> some of our customers from sending mail, who use dynamic IP and shitty
> MUAs from redmond.
> I am not the ultimate expert but to my knowledge smtp auth takes place
> after HELO, doesnt it? Would it be possible to set sort of a flag in
> this case of malformed HELO and recall it later at the acl_smtp_rcpt
> level? At that point I know whether I am talking to a "foreign" mail
> server or to a properly authenticated customers client and could shut up
> the former one.


You can move the HELO check to later in the ACLs - you don't have to
check it at HELO time - the $sender_helo_name variable is available
from the HELO ACL onwards. So your RCPT ACL could include

accept authenticated = *

deny message = Invalid HELO. You must be spam or a virus.
log_message = HELO/EHLO invalid domain (no dot)
condition = ${if match{$sender_helo_name}{\\.}{no}{yes}}


Peter
--
Peter Bowyer
Email: peter@???