Hi,
> >
> > The "invalid HELO" option is very useful when enabled to reject large
> amount
> > of spam, but unfortunately also rejects lots of legitimate mail ;-(
>
> You'll have to tell us what you have in your config and what gets
> blocked.
>
> The default setting blocks an IP address or a name without a dot -
> both of which I would block from unknown senders.
>
Thanks Paul,
In (Regular Expression to Validate Format of HELO*) field I have ,
^(([a-z\d][a-z\d-]*)?[a-z\d]\.)+[a-z]{2,6}$
Under my (Regular Expression to Invalidate Format of HELO*) file I have
these settings.
^\d+\.\d+\.\d+\.\d+$
^[^\.]+\.?$
\d{1,3}(\.|-|x)\d{1,3}(\.|-|x)\d{1,3}
\.intra$
\.local$
\.lan$
\.priv$
\.private$
\.localdomain$
\.online$
>From logs there are lots of detected real spam but there are also some
legitimate mail, please see below,
These are legitimate emails and should pass
Nov-7-09 00:52:28 44340-06460 [InvalidHELO][testmode] 217.64.225.57
<newslett...@meed.com> to: x...@xxxxx.xx [spam found]
and passing because testmode, otherwise blocked (Invalid HELO:
'EMP10RLY01.emp10data.local') [Your weekly Finance newsletter from ME
ED] -> ./discarded/9703.eml
Nov-7-09 01:03:51 45029-09039 [InvalidHELO][testmode] 217.64.225.57
<newslett...@meed.com> to: tariq...@batelco.com.bh [spam found]
and passing because testmode, otherwise blocked (Invalid HELO:
'EMP10RLY01.emp10data.local') [Your weekly Industry newsletter from M
EED] -> ./discarded/11404.eml
----------------
These should be rejected always
Nov-8-09 00:00:05 27587-07571 [InvalidHELO][testmode] 200.88.20.171
<wilfredolarso...@virbac.co.nz> to: x...@xxxxx.xx [spa
m found] and passing because testmode, otherwise blocked (Invalid HELO:
'0nic711') [Need pain killers Get them Here] -> ./discarded/
10531.eml
Nov-8-09 00:00:05 27592-07597 [InvalidHELO][testmode] 78.29.107.42
<selena.leach...@ifp.uni-stuttgart.de> to: x...@xxxxx.xx [spam found] and
passing because testmode, otherwise blocked (Invalid HELO: '35fle82') [use
VicodinES to get rid of pain] -> ./dis
carded/13373.eml
Nov-8-09 00:00:05 27587-07573 [InvalidHELO][testmode] 187.4.86.142
<basillockwood...@hanbitsoft.co.kr> to: x...@xxxxx.xx [
spam found] and passing because testmode, otherwise blocked (Invalid HELO:
'rfmm5i2') [Buy Vicodin Online For Less] -> ./discarded/6
706.eml
Please let me know what changes need to be done on my settings.
Thanks.
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
