On Fri, 24 Apr 2009, Igor Chudov wrote:
On Fri, Apr 24, 2009 at 01:31:37PM -0700, John Hardin wrote:
Do you have administrative access to ak74.algebra.com? That looks like
it's your MX host.
Yep, it is my MX host. I have root access, it is a 5 year old Fedora 3
server.
Cool.
If so, a MTA rule that rejects any message from the internet having a
HELO without a period may block a lot of that.
If not, a SA rule that looks for such a HELO in the Received: header
that ak74.algebra.com adds might help.
Do you have examples of both kinds of such rules?
I am especially interested in the mailserver side, as I have a lot of
accounts handled by that server.
I do that check using milter-regex. A sample config file is at
http://www.impsec.org/~jhardin/antispam/ - you'd have to edit it to match
your needs for domain names and local MTA IP addresses.
I don't have a rule for SA, as I block that at the MTA.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Win95: Where do you want to go today?
Vista: Where will Microsoft allow you to go today?
-----------------------------------------------------------------------
Today: Max Planck's 151st birthday