On Thursday 17 June 2004 12:27, James Graves wrote:
> ...
> � � 64.4.16 � � � � allow,BOFHCHECKHELO=0
> � � 65.54.251 � � � allow,BOFHCHECKHELO=0
> � � 65.54.245 � � � allow,BOFHCHECKHELO=0
>
> � � # Amazon.com
>
> � � 207.171.172 � � allow,BOFHCHECKHELO=0
>
> � � # Google
> � � # what is jproxy.google.com, anyway?
>
> � � 216.239.56 � � �allow,BOFHCHECKHELO=0
No doubt you've caught some more, like 64.4.11. I can't convince
any of my ISP clients to let this BOFHCHECKHELO check roll and
put up with the pain of of having their clients contact them with
complaints about not getting mail... then figure out where it's
coming from and then to whitelist it, so I have no access to any
live servers that can even track sites to whitelist.
James, do you think you could put a simple web page somewhere to
track these common HELO breaking sites ?
FWIW here is a dirty piece of bash to pull out just the IP and
domainname.
tail -f mail.log | \
grep HELO | \
awk -F, '{print $3}' | \
grep "does not match" | \
awk -F"517 HELO" '{print $2}' | \
awk {'print $5" "$1}' | cut -b 8-
--markc
-------------------------------------------------------
This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference
Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer
Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA
REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
