[Mimedefang] $helo versus $ip

[Steffen Kaiser]

On Tue, 3 Feb 2004, Matt Cramer wrote:

> This will yield many false positives.  Here is what I do:
>
> * Reject mail from outside relays who HELO as one of my domains.
> * Reject mail from outside relays who HELO as one of my networks, with or
>   without brackets (e.g. "204.74.20.1" and "[204.74.20.1]")
> * Reject mail from outside relays who HELO as a string that isn't a domain
>   or an address.  I just check for a "." in the string.  An amazing
>   amount of ratware issues "HELO hjdjhdf" etc.  I've had a few false
>   positives where the server was just doing "HELO servername" and in all
>   cases the admin of the sending server has corrected it.

This sounds cool. Despite the always mentioned problem, when Mail clients
connect to the server directly - like in my case.
Is there a way to determine, if the message came in through sendmail's MTA
(Port 25) or MSA (Port 587) channel?

Bye,

-- 
Steffen Kaiser