[Mimedefang] filter-relay, rejection on bogus helo

[Joseph Brennan]

> You can also include your hostname in the rejection helo check:
># after excluding your mail server by it's ip address
> if ($Helo =~ /(cs\.montana\.edu|esus\.\cs\.\montana\.edu)/
>
> Or reject if the machine just gives a hostname with no "..."'s in it.
># match if just host component, which you should not get from MTA's.
> note this regexp will match anything that does not have a "." in it.
> if ($helo =~ /^(\w*)$/){
> }


These are no good because we are using the same Mimedefang filter
for the internal hosts.  Some PC clients do not know their hostname
or IP, and send HELO with standards-busting things like the user's
pet name for the host, or the name of the smtp server, or the user's
default domain name.

I was going to keep this simple, but maybe this would suggest a way
around the PC issue.  The world sends to columbia.edu, and our users
send to smtp server send.columbia.edu.  But the former is an MX
record and the latter is a nickname.  We do reject mail that says
HELO with the real names of the two hosts.

Joseph Brennan         Columbia University in the City of New York
Academic Technologies Group                   brennan at columbia.edu