On Wed, 15 Jun 2005 17:40:58 -0400 (EDT), Dirk the Daring wrote
> ##########
> sub filter_sender {
> my($sender, $hostip, $hostname, $helo) = @_;
>
> # Can't be "psicorps.org" unless it's one of our IP's.
> if ($helo =~ /(^|\.)psicorps\.org$/i) {
> if ($hostip ne "127.0.0.1" and $hostip ne "209.170.141.XXX" and
> $hostip ne "209.170.141.XXX" and $hostip ne
> "209.170.141.103") and $hostip ne "209.170.141.XXX" and
> $hostip ne "209.170.141.XXX") { syslog('info',
> "MIMEDefang rejected a connection where Host $hostip said HELO
> $helo"); return(0, "Connection Rejected: $hostip is not
> authorized to use $helo for identification"); } }
> return (1, "OK"); }
> ##########
OK, I assume the XXX you have in there are actually filled in with real
values.. otherwise you will never match without using a regex, something like:
if ($hostip ne "127.0.0.1" and $hostip !~ /^209\.170\.141\./ and
You also might consider matching the helo on your own servers IPs as well, we
get many that helo as our servers IP and unless it is our server or 127.0.0.1
then.... its a nono (note, IP literals as HELO are valid, but are supposed to
be encosed in square brackets... something some MTAs and many MUAs seem to
ignore).
Simple enough to do, something like:
if (($helo =~ /(^|\.)psicorps\.org$/i) || ($helo =~
/(^|\[)209\.170\.141\.103\]$/i)) {
Also, I think you have your reject and ok flipped (ok is 0 and reject is 1 I
think), returning the value is depreciated anyway, us the constants like so:
return('REJECT', "Connection Rejected: $hostip is not authorized to use $helo
for identification");
and
return ('CONTINUE', "ok");
Jim
--
EsisNet.com Webmail Client
_______________________________________________
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
[email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
