Bill Taroli said: > Wouldn't it make more sense to whitelist by IP address rather than > domain? After all, all it takes to spoof a domain is to change what gets > sent in the HELO string... hence the desire for the verification in the > first place. :-)
Obviously. Bad wording on my part, sorry. Small part of my /etc/courier/smtpaccess/brokenhelo: # Hotmail just says 'HELO hotmail.com' 64.4.16 allow,BOFHCHECKHELO=0 65.54.251 allow,BOFHCHECKHELO=0 65.54.245 allow,BOFHCHECKHELO=0 65.54.241 allow,BOFHCHECKHELO=0 # Amazon.com 207.171.172 allow,BOFHCHECKHELO=0 # Google # what is jproxy.google.com, anyway? 216.239.56 allow,BOFHCHECKHELO=0 # ebay ([EMAIL PROTECTED]) 66.135.215 allow,BOFHCHECKHELO=0 # vishnu|lakshmi.netfilter.org 213.95.27.118 allow,BOFHCHECKHELO=0 :2001:0780:0000:001d:020d:93ff:fe9b:e443 allow,BOFHCHECKHELO=0 HTH, M4 ------------------------------------------------------- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
