> I tried verify = helo and deny spf = fail, however both those
> checks were too strict for some popular mail servers used in
> my country, which I assume renders them useless

Not necessarily useless; you can still block on the low-hanging fruit and
then use other checks in SpamAssassin scoring and also use delays to bore
spambots into submission. A couple of snippets from my own ACLs (beware line
wrap):

No legitimate host, no matter how sloppily configured, should HELO with an
IP address:

  deny message   = Remote host used IP address in HELO/EHLO greeting
       !hosts    = +whitelisted
       condition = ${if isip {$sender_helo_name}{true}{false}}

Or with your own hostname:

  deny message   = Remote host used our name in HELO/EHLO greeting.
       !hosts    = +whitelisted
       condition = ${if match_domain{$sender_helo_name}\
                   {$primary_hostname:+local_domains:+relay_to_domains}}

Then I start throwing delays around for other checks (this works best if you
disable pipelining):

  warn message = X-Warning: $sender_helo_name failed verification
       !hosts  = +whitelisted
       !verify = helo
       delay   = 15s

Many spambots will get impatient and either disconnect or will try to
transmit data out of sequence and get rejected that way.

--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pretty and well-preserved piece, but to slide across the
finish line broadside, thoroughly used up, worn out, leaking oil, and
shouting GERONIMO!!!" -- Bill McKenna
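
Added example, not part of the original message: a dry run of the two HELO deny rules above against Exim main log lines, to see which peers they would reject before switching them on. The log lines, OUR_NAMES and WHITELIST are constructed stand-ins; the name check is an exact match only, not the full match_domain list syntax.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in Exim mainlog style (not from a real server).
SAMPLE_LOG = """\
2024-01-05 10:00:01 1rAbCd-0001Xy-2Z <= a@example.net H=mail.example.net [192.0.2.10] P=esmtp S=2100
2024-01-05 10:00:07 1rAbCe-0001Xz-3A <= b@example.org H=(203.0.113.7) [203.0.113.7] P=smtp S=900
2024-01-05 10:00:09 1rAbCf-0001Y0-4B <= c@example.com H=(mx.example.test) [198.51.100.23] P=esmtp S=1500
2024-01-05 10:00:12 1rAbCg-0001Y1-5C <= d@example.org H=relay.example.org (smtp-out.example.org) [192.0.2.44] P=esmtp S=3100
2024-01-05 10:00:15 1rAbCh-0001Y2-6D <= e@example.com H=(example.test) [198.51.100.99] P=smtp S=700
"""
# Assumed stand-ins for $primary_hostname, +local_domains, +relay_to_domains.
OUR_NAMES = {"mx.example.test", "example.test"}
# Assumed stand-in for the +whitelisted host list.
WHITELIST = [ipaddress.ip_network("198.51.100.99/32")]
# H=verified.name (helo.name) [ip]; Exim omits (helo) when it equals the name.
H_FIELD = re.compile(r"H=(?:([^\s(\[]\S*) )?(?:\(([^)\s]+)\) )?\[([^\]]+)\]")

def is_ip(text):
    # Bare IPv4/IPv6 address only, like the isip test in the first rule.
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def classify(helo, peer_ip):
    # Whitelisted peers are exempt from both rules, as with !hosts above.
    if any(ipaddress.ip_address(peer_ip) in net for net in WHITELIST):
        return "whitelisted"
    if is_ip(helo):
        return "ip-helo"
    if helo.lower().rstrip(".") in OUR_NAMES:  # exact names only, no wildcards
        return "our-name"
    return "ok"

def audit(log_text):
    """Count verdicts and list (peer, helo, verdict) for lines a deny would hit."""
    hits, flagged = Counter(), []
    for line in log_text.splitlines():
        m = H_FIELD.search(line)
        if not m:
            continue
        host, helo, peer = m.groups()
        verdict = classify(helo or host or "", peer)
        hits[verdict] += 1
        if verdict in ("ip-helo", "our-name"):
            flagged.append((peer, helo or host, verdict))
    return hits, flagged
```

Calling audit() on a real log and reading the flagged list shows whether any legitimate sender would need a whitelist entry first.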