OK, this what I have came up with so far,. 1. Check for anybody claims to be from mydomain.com in the HELO Line 2. Check for RCPT TO anyone in mydomain.com 3. $helo doesn't match $ip
#*********************************************************************** # %PROCEDURE: filter_recipient # %DESCRIPTION: # Check whether HELO claims to be from internal domain and reverse DNS # lookup doesn't check #*********************************************************************** sub filter_sender { my ($sender, $ip, $hostname, $helo) = @_; return('CONTINUE', "OK") if ($ip eq "127.0.0.1"); if ($helo =~ /mydomain\.com$/i) { return ('REJECT', "We Don't Like Spammers, Go Away!!!."); } elsif ($ip ne $helo){ return ('REJECT', "You are not who you say you are.") } else { return ('CONTINUE',"OK"); } } #*********************************************************************** # %PROCEDURE: filter_recipient # %DESCRIPTION: # Check whether MAIL FROM claims to be from internal domain #*********************************************************************** sub filter_recipient { my ($recipient, $sender, $ip, $hostname, $first, $helo, $rcpt_mailer, $rcpt_host, $rcpt_addr) = @_; if ($sender =~ /[EMAIL PROTECTED]>?$/i) { return ('REJECT', "Service Not Available."); } return ('CONTINUE',"ok"); } I'm just concerned about the reverse dns lookup would reject too many legit emails. Many Thanks, Yang _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang