[Mimedefang] Adding filter_helo support

Philip Prindeville philipp_subx at redfish-solutions.com
Tue Jan 17 21:34:29 EST 2006


Seems to be working:

Jan 17 08:10:01 mail sendmail[24471]: NOQUEUE: connect from san-cust-208.57.14.2.mpowercom.net [208.57.14.2]
Jan 17 08:10:01 mail sendmail[24471]: AUTH: available mech=DIGEST-MD5 ANONYMOUS CRAM-MD5, allowed mech=EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
Jan 17 08:10:01 mail sendmail[24471]: k0HFA1UP024471: Milter (mimdefang): init success to negotiate
Jan 17 08:10:01 mail sendmail[24471]: k0HFA1UP024471: Milter: connect to filters
Jan 17 08:10:01 mail mimedefang.pl[23065]: relay: 208.57.14.2, san-cust-208.57.14.2.mpowercom.net
Jan 17 08:10:01 mail mimedefang.pl[23065]: relay: matches 0.0.0.0/0 (CONTINUE: OK)
Jan 17 08:10:01 mail mimedefang.pl[23065]: helo: san-cust-208.57.14.2.mpowercom.net (208.57.14.2) said "helo 10.0.0.36"
Jan 17 08:10:01 mail mimedefang.pl[23065]: no brackets: 10.0.0.36
Jan 17 08:10:01 mail mimedefang.pl[23065]: filter_helo rejected helo 10.0.0.36
Jan 17 08:10:01 mail sendmail[24471]: k0HFA1UP024471: milter=mimdefang, action=helo, reject
Jan 17 08:10:01 mail sendmail[24471]: k0HFA1UP024471: Milter: helo=10.0.0.36, reject=Command rejected


Here's a fragment of my script:

sub filter_helo($$$) {
    my ($hostip, $hostname, $helo) = @_;

    md_syslog('info', "helo: $hostname ($hostip) said \"helo $helo\"");

    # dotted quads need to be bracketed
    if ($helo =~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/) {
        md_syslog('info', "no brackets: $helo");
        return ('REJECT', "Incorrect format for address-literal");
    }

    # ok, got the format right... now is the address correct?
    # this might be wrong if our clients are behind a NATting gateway;
    # if that's the case, we need to preface this with accepting everyone
    # whose $hostip matches a certain address or address range
    if ($helo =~ /^\[(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\]$/) {
        if ($helo ne "[$hostip]") {
            md_syslog('info', "wrong ip: $hostip claims to be $helo");
            return ('REJECT',
                    "Header forgery attempt, [$hostip] claims to be $helo");
        }
    }

    # put this in explicitly, in case the test below is disabled.
    if ($helo eq 'localhost') {
        md_syslog('info', "localhost: $hostip ($hostname)");
        return ('REJECT', "Nothing local about you");
    }

    # doesn't contain any dots
    if (index($helo, '.') == -1) {
        md_syslog('info', "not fqdn: $helo");
        return ('REJECT', "Expected fully-qualified domain name");
    }

    return ('CONTINUE', "OK");
}
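
The code comments in the fragment above mention a NAT exception for the bracketed address-literal check. The following is an added example, not part of the original post, showing one way to write it, plus an octet range check. The names @NAT_EXEMPT, ip_in_cidr and check_helo_literal and the listed networks are hypothetical and constructed for illustration.

```perl
use strict;
use warnings;
use Socket qw(inet_aton);

# Assumption: relays in these networks sit behind NAT and may announce a
# private address literal. Constructed sample ranges, not from the post.
my @NAT_EXEMPT = ('192.0.2.0/24', '198.51.100.16/28');

# True if dotted-quad $ip lies inside $cidr ("a.b.c.d/len").
sub ip_in_cidr {
    my ($ip, $cidr) = @_;
    # Only accept dotted quads so inet_aton never performs a DNS lookup.
    return 0 unless $ip =~ /^\d{1,3}(?:\.\d{1,3}){3}$/;
    my ($net, $len) = split m{/}, $cidr;
    my $ip_bin  = inet_aton($ip)  or return 0;
    my $net_bin = inet_aton($net) or return 0;
    my $mask = $len ? (0xFFFFFFFF << (32 - $len)) & 0xFFFFFFFF : 0;
    return (unpack('N', $ip_bin) & $mask) == (unpack('N', $net_bin) & $mask);
}

# Returns (action, reason) for the bracketed address-literal case only;
# anything else is passed on to the remaining HELO checks.
sub check_helo_literal {
    my ($hostip, $helo) = @_;
    my @octets = $helo =~ /^\[(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\]$/
        or return ('CONTINUE', 'not an address literal');
    return ('REJECT', 'Octet out of range in address-literal')
        if grep { $_ > 255 } @octets;
    return ('CONTINUE', 'OK') if $helo eq "[$hostip]";
    for my $cidr (@NAT_EXEMPT) {
        return ('CONTINUE', "NAT exemption $cidr")
            if ip_in_cidr($hostip, $cidr);
    }
    return ('REJECT', "Header forgery attempt, [$hostip] claims to be $helo");
}

# Constructed test cases: [relay IP, HELO argument]
for my $case (['208.57.14.2', '[10.0.0.36]'],
              ['192.0.2.77',  '[10.0.0.36]'],
              ['208.57.14.2', '[208.57.14.2]'],
              ['208.57.14.2', '[300.1.1.1]']) {
    my ($action, $why) = check_helo_literal(@$case);
    printf "%-12s %-15s => %s (%s)\n", @$case, $action, $why;
}
```

Inside filter_helo the same call would replace the second `if` block, returning early only when the action is REJECT.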



