[Mimedefang] Helo Checking

[Rich West]

The main problem I see with yours is that it doesn't compensate for
localhost (127.0.0.1).  Mine (below) checks three IP addresses:
localhost (127.0.0.1), our internal NAT'ed network (192.168.10.x), and
our external public IP address (in this example, I used 9.87.65.4).

Anyhow, here's a copy of the one I personally use.  I hope it helps.

-Rich

sub filter_sender () {
   my($sender, $hostip, $hostname, $helo) = @_;

   # Can't be "ourdomain.com" unless it's one of our IP's.
   if ($helo =~ /(^|.)ourdomain\.com$/i)
   {
      if ( ! ($hostip =~ "^192.168.10") && ($hostip ne "127.0.0.1") &&
($hostip ne "9.87.65.4") )
      {
         md_syslog('warning', "Host $hostip said HELO $helo");
         return(0, "Go away. $hostip is not a wesmo.com machine");
      }
   }
   # The hostname better match the helo string.
   if (($helo =~ /^(\d{1,3})(.)(\d{1,3})(.)(\d{1,3})(.)(\d{1,3})$/) &&
($hostip ne $helo))
   {
      md_syslog('warning', "Host $hostip claims to be $helo");
      return (0, "Header forgery attempt, $ip claims to be $helo")
   }
   return (1, "OK");
}

> Hi all,
>  
>    When I insert this snippet into my mimedefang-filter my slaves all get busy and shut down......any Ideas?
>  
> Don Killen
> sub filter_sender {
>   my($sender, $ip, $name, $helo) = @_;
>   return('CONTINUE', "OK") if ($ip eq "72.242.108.6");   # no further checking if localhost
>   if ($helo =~ /(^|.)granis.net$/i) {
>     if ($ip !~ /^72.242.108./) {
>           return('REJECT', "Connect rejected - $ip is not granis.net");
>     }
>   }
>   return('CONTINUE', "OK");
> }