On Sun, 9 Jul 2006, Dirk the Daring wrote:
> Obviously, if I have sending hosts on my network that really did have > non-routable addresses, this would be a possible problem (altho the simple I just reject when someone sends an IP address as a HELO, and it is not their actual IP address. In filter_sender(): if ($helo =~ /^\d+\.\d+\.\d+\.\d+$/) { # looks like an IP if ($helo ne $ip) { return('REJECT', "IP address $ip doesn't match helo string $helo"); } } This is fairly effective, I grepped my syslog file on one of two email relays and since last Friday it stopped over 5000 email attempts. It has the added effect of stopping those who use *my* IP address as the HELO string. HTH... Jim McCullars University of Alabama in Huntsville _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang