Re: [exim] helo help

Author: Alex
Date:  
To: Adam Stephens
CC: exim users
Subject: Re: [exim] helo help
I have these rules


  accept hosts = :
  accept hosts = +relay_from_hosts
  drop condition = ${if match{$sender_helo_name}{MY_IP}{yes}{no} }
       message   = "Dropped spammer pretending to be us"
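  # HELO that starts with a dotted-quad IPv4 address
  # (\N...\N stops Exim's string expansion from eating the backslashes)
  drop condition = ${if match{$sender_helo_name}{\N^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\N}{yes}{no} }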
       message   = "Dropped IP-only or IP-starting helo"



# Reject hosts based on bad HELO/EHLO
  # No HELO/EHLO
  deny condition     = ${if eq{$sender_helo_name}{}{1}{0}}
       message       = Polite hosts say HELO first\n\
                       Please see RFC 2821 section 4.1.1.1
       log_message   = Bad HELO: Empty HELO
       delay         = ${eval: ($rcpt_fail_count) * 60}s


  # Forged HELO (localhost or my IP) from a host that isn't allowed to relay
  #deny condition   = ${if or { \
  #                     { match{$sender_helo_name}{MY_IP} } \
  #                     { eq{$sender_helo_name}{localhost} } \
  #                   }{1}{0}}
  #     message     = HELO/EHLO must contain YOUR OWN FQDN or IP literal; \
  #                   $sender_helo_name is MY name/IP!\n\
  #                   Please see RFC 2821 section 4.1.1.1
  #     log_message = Forged HELO: claims to be me ($sender_helo_name)
  #     delay       = ${eval: ($rcpt_fail_count) * 60}s
  #     hosts       = ! +relay_from_hosts


  # Syntactically invalid HELO/EHLO
  defer condition   = ${if match \
                      {$sender_helo_name}{\N^[^.:].*[.:][^.:]+$\N}\
                      {0}{1}}
        message     = HELO/EHLO must contain a FQDN or IP literal\n\
                      Please see RFC 2821 section 4.1.1.1
        log_message = Bad HELO: Syntactically invalid HELO
        delay       = ${eval: ($rcpt_fail_count) * 60}s
        hosts       = ! +relay_from_hosts


  # Syntactically invalid HELO/EHLO - IP address without []
  defer condition    = ${if isip{$sender_helo_name}{1}{0}}
        message      = HELO/EHLO must contain a FQDN or IP literal\n\
                       please see RFC 2821 section 4.1.1.1
        log_message  = Bad HELO: Syntactically invalid HELO
        delay        = ${eval: ($rcpt_fail_count) * 60}s
        hosts        = ! +relay_from_hosts


  defer condition    = ${if isip6{$sender_helo_name}{1}{0}}
        message      = HELO/EHLO must contain a FQDN or IP literal\n\
                       please see RFC 2821 section 4.1.1.1
        log_message  = Bad HELO: Invalid HELO
        delay        = ${eval: ($rcpt_fail_count) * 60}s


  # Forged HELO (our hostname) from a host that isn't allowed to relay
  deny condition     = ${if match_domain{$sender_helo_name}\
                       {+local_domains}{1}{0}}
        message      = Forged HELO: you are not $sender_helo_name
        log_message  = Forged HELO: $sender_helo_name is one of our \
                       local domains
        delay        = ${eval: ($rcpt_fail_count) * 60}s
        hosts        = ! +relay_from_hosts


accept



2007/6/5, Adam Stephens <adam.stephens@???>:
> Alex wrote:
> > What is bad in this?
> >
> > 2007-06-04 11:13:34 H=9.red-88-2-226.staticip.rima-tde.net
> > (electropla1) [88.2.226.9] temporarily rejected EHLO or HELO
> > electropla1: Bad HELO: Syntactically invalid HELO
> >
> >
> electropla1 is not fully-qualified.
>
> RFC2821 explicitly requires clients to use fully-qualified domain names
> in HELO:
>
> ====================
> 4.1.1.1 Extended HELLO (EHLO) or HELLO (HELO)
>
> These commands are used to identify the SMTP client to the SMTP
> server. The argument field contains the fully-qualified domain name
> of the SMTP client if one is available. In situations in which the
> SMTP client system does not have a meaningful domain name (e.g., when
> its address is dynamically allocated and no reverse mapping record is
> available), the client SHOULD send an address literal (see section
> 4.1.3), optionally followed by information that will help to identify
> the client system. The SMTP server identifies itself to the SMTP
> client in the connection greeting reply and in the response to this
> command.
>
> electropla1
>
> [...]
> In any event, a client MUST issue HELO or EHLO before starting a mail
> transaction.
> ======================
>
> Similarly, section 3.6 requires all domain names used in SMTP
> transactions to be 'resolvable, fully-qualified, domain names'.
>
> regards,
> Adam.
>
> --
> --------------------------------
> Adam Stephens
> Network Specialist - Email & DNS
> adam.stephens@???
>
>
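Added example (not part of the original messages and not Exim code): a Python model of the empty, syntax, bare-IP and local-domain HELO checks from the ACL above, showing why "electropla1" is deferred. It leaves out the two drop rules and the relay_from_hosts exceptions, and the local domain "example.org" and all sample names except "electropla1" are constructed.

```python
import ipaddress
import re

# Same pattern as the ACL's "Syntactically invalid HELO" rule (PCRE in Exim).
HELO_SYNTAX = re.compile(r"^[^.:].*[.:][^.:]+$")

# Constructed stand-in for the +local_domains list.
LOCAL_DOMAINS = {"example.org"}


def is_bare_ip(name):
    """Rough equivalent of Exim's isip: an address without [] brackets."""
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False


def check_helo(name):
    """Return (verdict, log_message) for a host outside relay_from_hosts."""
    if name == "":
        return "deny", "Bad HELO: Empty HELO"
    # The ACL defers when the pattern does NOT match: no dot or colon
    # inside the name means neither an FQDN nor an address literal.
    if not HELO_SYNTAX.search(name):
        return "defer", "Bad HELO: Syntactically invalid HELO"
    # A bare address passes the pattern but is still not a literal.
    if is_bare_ip(name):
        return "defer", "Bad HELO: Syntactically invalid HELO"
    if name.lower() in LOCAL_DOMAINS:
        return "deny", "Forged HELO: %s is one of our local domains" % name
    return "accept", ""


if __name__ == "__main__":
    # "electropla1" is the HELO from the log line in the thread;
    # every other sample is constructed.
    samples = ["electropla1", "", "mail.example.net", "192.0.2.10",
               "[192.0.2.10]", "2001:db8::1", "example.org"]
    for helo in samples:
        verdict, reason = check_helo(helo)
        print("%-18r %-6s %s" % (helo, verdict, reason))
```

The model also shows that the syntax rule is satisfied by any name containing a dot, so it checks the form of the HELO only and does not verify that the name resolves.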