----- Original Message ----- From: "Len Conrad" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, December 22, 2003 6:15 PM Subject: [IMGate] Re: PRCE and substitution
> > > > > >/cablep\.bezeqint\.net/ 554 ACL Cabel/DSL reject - use your ISPs mail > > > >server, HELO = $1 > > > > > > > >Under smtpd_recipient_restrictions I have > > > >check_helo_accress pcre:/etc/postfix/helo_hostnames.regexp > > > > > > you want that in helo or client access? > > > > > > helo is forgeable, PTR hostname isn't. > > > >PTR, ins't that how your basic config does it? > > no. > > but I have found a few sites that find the mta_clients_subscriber.regexp > too aggressive for their set of customers, get along just fine the > helo_hostnames.regexp that matches of a.b.c.d or a-b-c-d. This apparently > allows legit mail servers on subscriber networks to use a non-subscriber > HELO hostname (which is usually screwed up anyway, like blah.local, or non > FQDN, etc) while apparently some spamware (as opposed to mail server) > leaves the PTR subscriber-style hostname as the HELO hostname. Ok, so to block on PTR versus HELO I need to: 1. add check_client_access pcre:/etc/postfix/mta_clients_subscriber.regexp to the main.cf 2. create the appropriate regexp in the mta_clients_subscriber.regexp file. Mike > > > > >When I examine the log file, the reject line only shows the first part of > > > >the hostname that matched, ie. cablep > > > > > > > >What am I doing wrong? > > > > > > /(.*cablep\.bezeqint\.net)/ > > > > > > ... need paren to create the PERL "back reference" > > > > > > >That answers that. Will that also eliminate the following error? > >"replace index out of range" > > yep > > Len > > > >
