[Mimedefang] Bouncing on invalid HELO/EHLO
Geoff Thornton
gthornton at networksgroup.com
Thu Jun 12 10:53:01 EDT 2003
I bounce messages if someone claims to be my domain/ip address and is not.
Here's the filter code I use...
sub filter_sender {
my ($sender, $ip, $name, $helo) = @_;
md_syslog('info', "$MsgID: HELO $helo, MAIL FROM: $sender, relay=$name
\[$ip\]");
if ($ip =~ /127\.0\.0\.1/) { return ('CONTINUE', "ok"); }
if ($ip =~ /###\.###\.###\.###/) { return ('CONTINUE', "ok"); }
if ($helo =~ /###\.###\.###\.###/) { return ('REJECT', "$name \[$ip\] is
not $helo"); }
if ($helo =~ /.+\.?###########\.com/) { return ('REJECT', "$name \[$ip\]
is not $helo"); }
return ('CONTINUE', "ok");
}
The first set of hash marks is the IP address of my internal mail server.
The second set of hash marks is the IP address of the MIMEDefang server.
The third set of hash marks is the home domain configured for sendmail (i.e.
the $j value). So far I have not had a single false positive.
--Geoff Thornton
-----Original Message-----
From: Jim McCullars [mailto:jim at info.uah.edu]
Sent: Thursday, June 12, 2003 10:09 AM
To: MIMEDefang Users Mailing List
Subject: [Mimedefang] Bouncing on invalid HELO/EHLO
I know there's a lot of controversy regarding bouncing mail where the
HELO/EHLO string doesn't match the real host name, but in reading RFC1123,
I came across this:
Note also that the HELO argument is still required to have
valid <domain> syntax, since it will appear in a Received:
line; otherwise, a 501 error is to be sent.
How many people actually bounce mail based on this rule?
Jim
More information about the MIMEDefang
mailing list