On 21/02/15 16:13, AC wrote:
> I'm having some trouble setting up a rule in acl_check_mail to reject
> remote hosts that HELO or announce their own host name with my own domain.
> [snip]
> However, today I had a spammer try 20 times to send to various
> addresses. Each time it used some version of the HELO with my domain
> (smtp.* and mail.* were the two).
> [snip]
Perhaps partial-learch would serve you better. I use this quite late in
the conversation (RCPT TO) to reject any server pretending to be me,
plus a number of bad actors.
deny message = Unwelcome sender.
! hosts = +relay_from_hosts
! authenticated = *
condition = ${lookup {$sender_helo_name}
partial-lsearch{/etc/exim/bwlists/helo_reject_hostnames} {yes}{no}}
helo_reject_hostnames contains one domain per line with a wildcard.
*.example.net
This matches "example.net" plus "anything.example.net"
