On 9 Nov 2009 at 8:31, Hisham Al Saad wrote:
> Under my (Regular Expression to Invalidate Format of HELO*) file I have
> these settings.
>
> ^\d+\.\d+\.\d+\.\d+$
> ^[^\.]+\.?$
> \d{1,3}(\.|-|x)\d{1,3}(\.|-|x)\d{1,3}
> \.intra$
> \.local$
> \.lan$
> \.priv$
> \.private$
> \.localdomain$
> \.online$
>
> >From logs there are lots of detected real spam but there are also some
> legitimate mail, please see below,
>
> These are legitimate emails and should pass
>
> Nov-7-09 00:52:28 44340-06460 [InvalidHELO][testmode] 217.64.225.57
> <newslett...@meed.com> to: x...@xxxxx.xx [spam found]
> and passing because testmode, otherwise blocked (Invalid HELO:
> 'EMP10RLY01.emp10data.local') [Your weekly Finance newsletter from ME
> ED] -> ./discarded/9703.eml
I don't know why they are using a local address in a helo, but I
would either put the IP in 'noHelo' or put the helo into
'heloBlacklistIgnore'.
The helos you want blocked will stay blocked.
paul
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
