[exim] Re: Rejecting connections that have only IP as sender…

Góra strony
Delete this message
Reply to this message
Autor: Slavko
Data:  
Dla: exim-users
Temat: [exim] Re: Rejecting connections that have only IP as sender_helo
Dňa 28. mája 2023 9:35:07 UTC používateľ AC via Exim-users <exim-users@???> napísal:

>Thanks, I already did check localhost but it appears what I was after was actually sender_host_name being empty which, from what I understand, is what H=([ip]) actually represents in the logs (if that's not the case hopefully someone can correct me).


There are two names of remote client, the one used in EHLO
SMTP command and one from IPs PTR record.

The EHLO name is shown in log only if it differs from (confirmed)
PTR name

The PTR name is in log only if that name's IP matches client's
IP (is confirmed) and exim is configured to obtain that PTR
name (i do it on MTA but don't do it on MSA).

Thus full host entry in log has format (if EHLO & PTR names
differs)

    H=ptr_name (ehlo_name) [client_ip]

The log entry "H=([ip]) ..." means, that here is not (confirmed)
PTR name and client used IP literal in EHLO name. It is expected
on MSA (from users), but AFAIK has not be used by MTA
nowadays (i do not accept it). Address literal is basically
IP (with prefix for IPv6) enclosed in squared brackets, thus
simple ${sg} regex can detect it...

These squared brackets can be confusing, as real IP is
enclosed in them in logs too, but notice the "normal" brackets,
which encloses EHLO name...

Check docs for appropriate variables for these names and
related settings, they are on multiple different places.

regards


-- 
Slavko
https://www.slavino.sk/


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/