[Mimedefang] $helo filter checks

Mon Oct 20 08:16:03 EDT 2003

Having read so much about bouncing on HELO spoofing, I'm disappointed
that the mailing list doesn't seem to contain a single, complete example
of a filter_relay subroutine which the rest of us can use in our
own filters.  Those of us who aren't Perl hackers need examples !

Can someone kindly provide a correct and complete working filter_relay
subroutine which only needs to be customized with our server's IP-address ?

I understand that mimedefang must be started with the "-r" flag,
which seems to be enabled in the init-script by setting
    MX_RELAY_CHECK=yes
in /etc/sysconfig/mimedefang and restarting the daemon.  Is this
assumption correct ?

Philip Clever philip at turquoise.net wrote:
> I have installed the following code to combat HELO spoofing under sub
> filter_relay:
> 
>  elsif ($helo =~ /mydomain\.net$/i) {
>         if ($hostip ne '127.0.0.1' or
>         $hostip !~ /^xx\.xx\.xxx\.\d{1,3}$/ or
>         $hostip !~ /^xx\.xx\.xxx\.\d{1,3}$/ or
>         $hostip !~ /^xx\.xx\.xxx\.\d{1,3}$/ or
>         $hostip !~ /^xx\.xx\.xxx\.\d{1,3}$/ or
>         $hostip !~ /^xx\.xx\.xxx\.\d{1,3}$/ or
>         $hostip !~ /^xx\.xx\.xxx\.\d{1,3}$/ or
>         $hostip !~ /^xx\.xxx\.xxx\.\d{1,3}$/ or
>         $hostip !~ /^xx\.xxx\.xxx\.\d{1,3}$/) {
>                 return (0, "Connect rejected! - $hostip is not
> mydomain.net");
>         }
>     }

Thanks a lot,
Ole Holm Nielsen
Department of Physics, Technical University of Denmark,
Building 307, DK-2800 Kongens Lyngby, Denmark