[Mimedefang] Helo Checking
Rich West
Rich.West at wesmo.com
Thu Oct 19 15:46:49 EDT 2006
The main problem I see with yours is that it doesn't compensate for
localhost (127.0.0.1). Mine (below) checks three IP addresses:
localhost (127.0.0.1), our internal NAT'ed network (192.168.10.x), and
our external public IP address (in this example, I used 9.87.65.4).
Anyhow, here's a copy of the one I personally use. I hope it helps.
-Rich
sub filter_sender () {
my($sender, $hostip, $hostname, $helo) = @_;
# Can't be "ourdomain.com" unless it's one of our IP's.
if ($helo =~ /(^|.)ourdomain\.com$/i)
{
if ( ! ($hostip =~ "^192.168.10") && ($hostip ne "127.0.0.1") &&
($hostip ne "9.87.65.4") )
{
md_syslog('warning', "Host $hostip said HELO $helo");
return(0, "Go away. $hostip is not a wesmo.com machine");
}
}
# The hostname better match the helo string.
if (($helo =~ /^(\d{1,3})(.)(\d{1,3})(.)(\d{1,3})(.)(\d{1,3})$/) &&
($hostip ne $helo))
{
md_syslog('warning', "Host $hostip claims to be $helo");
return (0, "Header forgery attempt, $ip claims to be $helo")
}
return (1, "OK");
}
> Hi all,
>
> When I insert this snippet into my mimedefang-filter my slaves all get busy and shut down......any Ideas?
>
> Don Killen
> sub filter_sender {
> my($sender, $ip, $name, $helo) = @_;
> return('CONTINUE', "OK") if ($ip eq "72.242.108.6"); # no further checking if localhost
> if ($helo =~ /(^|.)granis.net$/i) {
> if ($ip !~ /^72.242.108./) {
> return('REJECT', "Connect rejected - $ip is not granis.net");
> }
> }
> return('CONTINUE', "OK");
> }
More information about the MIMEDefang
mailing list