I have this rules
accept hosts = :
accept hosts = +relay_from_hosts
drop condition = ${if match{$sender_helo_name}{MY_IP}{yes}{no} }
message = "Dropped spammer pretending to be us"
drop condition = ${if
match{$sender_helo_name}{^[0-9]\.[0-9]\.[0-9]\.[0-9]}{yes}{no} }
message = "Dropped IP-only or IP-starting helo"
# Reject hosts based on bad HELO/EHLO
# No HELO/EHLO
deny condition = ${if eq{$sender_helo_name}{}{1}{0}}
message = Polite hosts say HELO first\n\
Please see RFC 2821 section 4.1.1.1
log_message = Bad HELO: Empty HELO
delay = ${eval: ($rcpt_fail_count) * 60}s
# Forged HELO (localhost or my IP) from a host that isn't allowed to relay
#deny condition = ${if or { \
# { match{$sender_helo_name}{MY_IP} } \
# { eq{$sender_helo_name}{localhost} } \
# }{1}{0}}
# message = HELO/EHLO must contain YOUR OWN FQDN or IP literal; \
# $sender_helo_name is MY name/IP!\n\
# Please see RFC 2821 section 4.1.1.1
# log_message = Forged HELO: claims to be me ($sender_helo_name)
# delay = ${eval: ($rcpt_fail_count) * 60}s
# hosts = ! +relay_from_hosts
# Syntactically invalid HELO/EHLO
defer condition = ${if match \
{$sender_helo_name}{\N^[^.:].*[.:][^.:]+$\N}\
{0}{1}}
message = HELO/EHLO must contain a FQDN or IP literal\n\
Please see RFC 2821 section 4.1.1.1
log_message = Bad HELO: Syntactically invalid HELO
delay = ${eval: ($rcpt_fail_count) * 60}s
hosts = ! +relay_from_hosts
# Syntactically invalid HELO/EHLO - IP address without []
defer condition = ${if isip{$sender_helo_name}{1}{0}}
message = HELO/EHLO must contain a FQDN or IP literal\n\
please see RFC 2821 section 4.1.1.1
log_message = Bad HELO: Syntactically invalid HELO
delay = ${eval: ($rcpt_fail_count) * 60}s
hosts = ! +relay_from_hosts
defer condition = ${if isip6{$sender_helo_name}{1}{0}}
message = HELO/EHLO must contain a FQDN or IP literal\n\
please see RFC 2821 section 4.1.1.1
log_message = Bad HELO: Invalid HELO
delay = ${eval: ($rcpt_fail_count) * 60}s
# Forged HELO (our hostname) from a host that isn't allowed to relay
deny condition = ${if match_domain{$sender_helo_name}\
{+local_domains}{1}{0}}
message = Forged HELO: you are not $sender_helo_name
log_message = Forged HELO: $sender_helo_name is one of our \
local domains
delay = ${eval: ($rcpt_fail_count) * 60}s
hosts = ! +relay_from_hosts
accept
2007/6/5, Adam Stephens <adam.stephens@???>:
> Alex wrote:
> > What is bad in this?
> >
> > 2007-06-04 11:13:34 H=9.red-88-2-226.staticip.rima-tde.net
> > (electropla1) [88.2.226.9] temporarily rejected EHLO or HELO
> > electropla1: Bad HELO: Syntactically invalid HELO
> >
> >
> electropla1 is not fully-qualified.
>
> RFC2821 explicitly requires clients to use fully-qualified domain names
> in HELO:
>
> ====================
> 4.1.1.1 Extended HELLO (EHLO) or HELLO (HELO)
>
> These commands are used to identify the SMTP client to the SMTP
> server. The argument field contains the fully-qualified domain name
> of the SMTP client if one is available. In situations in which the
> SMTP client system does not have a meaningful domain name (e.g., when
> its address is dynamically allocated and no reverse mapping record is
> available), the client SHOULD send an address literal (see section
> 4.1.3), optionally followed by information that will help to identify
> the client system. The SMTP server identifies itself to the SMTP
> client in the connection greeting reply and in the response to this
> command.
>
> electropla1
>
> [...]
> In any event, a client MUST issue HELO or EHLO before starting a mail
> transaction.
> ======================
>
> Similarly, section 3.6 requires all domain names used in SMTP
> transactions to be 'resolvable, fully-qualified, domain names'.
>
> regards,
> Adam.
>
> --
> --------------------------------
> Adam Stephens
> Network Specialist - Email & DNS
> adam.stephens@???
>
>
