On Sun, 9 Jul 2006, Dirk the Daring wrote:

>      Obviously, if I have sending hosts on my network that really did have
> non-routable addresses, this would be a possible problem (altho the simple

   I just reject when someone sends an IP address as a HELO, and it is not
their actual IP address.  In filter_sender():

  if ($helo =~ /^\d+\.\d+\.\d+\.\d+$/) {  # looks like an IP
    if ($helo ne $ip) {
      return('REJECT', "IP address $ip doesn't match helo string $helo");
    }
  }

  This is fairly effective, I grepped my syslog file on one of two email
relays and since last Friday it stopped over 5000 email attempts.  It has
the added effect of stopping those who use *my* IP address as the HELO
string.

  HTH...

Jim McCullars
University of Alabama in Huntsville

_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Reply via email to