In message <[email protected]>,
Noel Jones <[email protected]> wrote:
>On 8/4/2013 8:06 PM, Ronald F. Guilmette wrote:
>> Does reject_non_fqdn_helo_hostname, when placed in the
>> smtpd_helo_restrictions, permit clients to HELO/EHLO
>> with a square-bracket enclosed dotted quad IPv4 address?
>
>Yes.
The documentatation should probably be adjusted to make that more clear.
Right now it reads:
Reject the request when the HELO or EHLO hostname is not in fully-
qualified domain form, as required by the RFC.
>> If so, is the dotted quad checked to see that it properly
>> represents the actual IP address of the actual current client?
>
>No.
Is there any restriction verb that would cause a HELO/EHLO which specifies
a square-bracketed dotted quad IPv4 address to be rejected when & if the
dotted quad does not match the actual current client IP address?
Would reject_unknown_helo_hostname do it? If not maybe a new restriction
verb would be useful to perform this exact check.
>> Certainly, some spam
>> that I believe should have been rejected on the basis of one or another
>> of the above RHS filters I am instead seeing (in my maillog file) being
>> rejected instead by one or another of the subsequent reject_rbl_client
>> filters. What could I be doing wrong?
>
>
>Doing RBL client checks in postscreen?
I am not using postscreen at the present time.
Do I need to use that if I want to perform RHSBL checks?
Regards,
rfg
