[Mimedefang] Non-routable addresses in HELO
Jim McCullars
jim at info.uah.edu
Mon Jul 10 10:17:08 EDT 2006
On Sun, 9 Jul 2006, Dirk the Daring wrote:
> Obviously, if I have sending hosts on my network that really did have
> non-routable addresses, this would be a possible problem (altho the simple
I just reject when someone sends an IP address as a HELO, and it is not
their actual IP address. In filter_sender():
if ($helo =~ /^\d+\.\d+\.\d+\.\d+$/) { # looks like an IP
if ($helo ne $ip) {
return('REJECT', "IP address $ip doesn't match helo string $helo");
}
}
This is fairly effective, I grepped my syslog file on one of two email
relays and since last Friday it stopped over 5000 email attempts. It has
the added effect of stopping those who use *my* IP address as the HELO
string.
HTH...
Jim McCullars
University of Alabama in Huntsville
More information about the MIMEDefang
mailing list