Alexander Shikoff wrote:
> Hello,
>
> To discover some strange issue I've put some additional logging into HELO
> and RCPT ACLs:
>
> acl_check_helo:
>   deny
>     # reject IP-addresses IN HELO/EHLO
>     message = Bad HELO/EHLO
>     condition = ${lookup{$sender_helo_name}nwildlsearch{BL_BAD_HELO}{yes}{no}}
>
> acl_check_rcpt:
>   warn
>     logwrite = ---$sender_host_address/$sender_helo_name---
>   [...]
>
> After that I got in log:
>
> Feb 2 14:31:59 crow exim[39322]: 2007-02-02 14:31:59 H=(201.250.198.147) [201.250.198.147] rejected EHLO or HELO 201.250.198.147: Bad HELO/EHLO
> Feb 2 14:32:01 crow exim[39322]: 2007-02-02 14:32:01 ---201.250.198.147/---
> Feb 2 14:32:05 crow exim[39322]: 2007-02-02 14:32:05 H=[201.250.198.147] F=<bjoern.wunderlich@???> rejected RCPT <info@???>: 201.250.198.147 listed by list.dsbl.org
>
> Now a riddle: what HELO did remote host send?!
> Any suggestions?
>
Change:

    message = Bad HELO/EHLO

to:

    message = Bad HELO/EHLO from $sender_helo_name

ELSE:

    log_selector = +all

OR

    log_selector = <your own '+' and '-' list of what you want logged/not>

Bill
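
An added example, not part of the original thread: a small Python correlator that groups the three log lines quoted above by exim PID, so the refused HELO name can be read next to the empty name that the RCPT-time `logwrite` marker recorded. It assumes one exim process per SMTP connection, and the regular expressions and the `correlate` function are fitted to these quoted lines rather than taken from Exim.

```python
import re
from collections import defaultdict

# The three log lines quoted in the post above (addresses redacted as in the archive).
SAMPLE_LOG = """\
Feb 2 14:31:59 crow exim[39322]: 2007-02-02 14:31:59 H=(201.250.198.147) [201.250.198.147] rejected EHLO or HELO 201.250.198.147: Bad HELO/EHLO
Feb 2 14:32:01 crow exim[39322]: 2007-02-02 14:32:01 ---201.250.198.147/---
Feb 2 14:32:05 crow exim[39322]: 2007-02-02 14:32:05 H=[201.250.198.147] F=<bjoern.wunderlich@???> rejected RCPT <info@???>: 201.250.198.147 listed by list.dsbl.org
"""

# syslog prefix: "... exim[PID]: <exim log line>"
PID_RE = re.compile(r"exim\[(\d+)\]: (.*)$")
# Line written when the HELO ACL refuses the greeting: host address, HELO name, message
HELO_REJ_RE = re.compile(r"\[([0-9a-fA-F.:]+)\] rejected EHLO or HELO (\S+): (.*)$")
# The poster's marker: logwrite = ---$sender_host_address/$sender_helo_name---
MARKER_RE = re.compile(r"---([^/\s]+)/(.*)---$")
# RCPT refusal: recipient and reason
RCPT_REJ_RE = re.compile(r"rejected RCPT (\S+): (.*)$")


def correlate(log_text):
    """Group lines by exim PID (assumed: one process per connection) and collect
    refused HELO names, HELO names seen by the RCPT marker, and RCPT refusals."""
    sessions = defaultdict(lambda: {"host": None, "rejected_helo": [],
                                    "marker_helo": [], "rcpt_rejects": []})
    for line in log_text.splitlines():
        m = PID_RE.search(line)
        if not m:
            continue
        pid, rest = int(m.group(1)), m.group(2)
        s = sessions[pid]
        if (h := HELO_REJ_RE.search(rest)):
            s["host"] = h.group(1)
            s["rejected_helo"].append(h.group(2))
        elif (k := MARKER_RE.search(rest)):
            s["host"] = s["host"] or k.group(1)
            s["marker_helo"].append(k.group(2))   # "" means the variable was empty
        elif (r := RCPT_REJ_RE.search(rest)):
            s["rcpt_rejects"].append((r.group(1), r.group(2)))
    return dict(sessions)


if __name__ == "__main__":
    for pid, s in correlate(SAMPLE_LOG).items():
        print(pid, s)
```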