[contribteam] [Bug 9605] Make qpsmtpd badhelo work like Whitelisthosts for subnets

Mon, 20 Jun 2016 10:37:36 -0700 

==================================================================
  Please DO NOT REPLY to this mail or send email to the developers
  about this bug. Please follow-up to Bugzilla using this link:
    https://bugs.contribs.org/show_bug.cgi?id=9605

  Have you checked the Frequently Asked Questions (FAQ)?
    http://wiki.contribs.org/SME_Server:Documentation:FAQ

  Please also take the time to read the following useful guide:
    http://www.chiark.greenend.org.uk/~sgtatham/bugs.html
==================================================================

--- Comment #6 from Selwyn Rosenstein <[email protected]> ---
(In reply to Daniel B. from comment #5)
> (In reply to Selwyn Rosenstein from comment #4)
> > After further testing I found that not all spammers put the IP Address in
> > the HELO and so even though the IP Address was on the list of blocked
> > addresses my test code would not catch them.
> > 
> > I have refined the code as follows which now works very well:
> > check_spamhelo plugin:
> > ------------
> > sub hook_helo {
> >   my ($self, $transaction, $host) = @_;
> >   ($host = lc $host) or return DECLINED;
> > 
> >   my $remote_ip = $self->qp->connection->remote_ip;
> > 
> >   foreach my $bad ($self->qp->config('badhelo')) {
> >     $bad =~ s/^\s+|\s+$//g;
> >     if ($host eq lc $bad || $host =~ /^\Q$bad\E/ || $remote_ip =~
> > /^\Q$bad\E/) {
> >       $self->log(LOGDEBUG, "Denying HELO from IP '$remote_ip' using HELO
> 
> I don't think this change should be done in the helo plugin (because it
> doesn't check the helo string, but rejects sender IP). To completely deny
> SMTP access to your server to a list of IP, you'd better use iptables
> instead, there's no code change needed:
> 
> db configuration setprop smtpd DenyHosts 12.13.14.15,193.20.0.0/24
> signal-event remoteaccess-update

Hi Daniel B,

Is there a different helo variable, other than $host, that has the helo IP as
shown in:
Received: from mkt1-in.verticalresponse.com (HELO mkt1-in.verticalresponse.com)
(63.251.246.12)
If there is, then I'd use that one instead of $remote_ip.

Regards,
Selwyn

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
_______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail [email protected]
Searchable archive at https://lists.contribs.org/mailman/public/contribteam/

Reply via email to