> > >/cablep\.bezeqint\.net/ 554 ACL Cabel/DSL reject - use your ISPs mail > > >server, HELO = $1 > > > > > >Under smtpd_recipient_restrictions I have > > >check_helo_accress pcre:/etc/postfix/helo_hostnames.regexp > > > > you want that in helo or client access? > > > > helo is forgeable, PTR hostname isn't. > >PTR, ins't that how your basic config does it?
no. but I have found a few sites that find the mta_clients_subscriber.regexp too aggressive for their set of customers, get along just fine the helo_hostnames.regexp that matches of a.b.c.d or a-b-c-d. This apparently allows legit mail servers on subscriber networks to use a non-subscriber HELO hostname (which is usually screwed up anyway, like blah.local, or non FQDN, etc) while apparently some spamware (as opposed to mail server) leaves the PTR subscriber-style hostname as the HELO hostname. > > >When I examine the log file, the reject line only shows the first part of > > >the hostname that matched, ie. cablep > > > > > >What am I doing wrong? > > > > /(.*cablep\.bezeqint\.net)/ > > > > ... need paren to create the PERL "back reference" > > > >That answers that. Will that also eliminate the following error? >"replace index out of range" yep Len
