On 05/06/2020 10:24, Jacques B. Siboni via Exim-users wrote:
On Fri, 2020-06-05 at 09:36 +0100, Jeremy Harris via Exim-users wrote:
By the way, if you really are logging "H=router" then you
have an unusual network setup.  If you obfuscated it, then
you are making it harder for us to help you.
No That's exactly as it appears in the log. I agree that my network setup is
B.A.D!

Jacques




Things you might want to reject at HELO time:


        #
        # check for single word greeting messages like "HELO COMPUTER"
        #
        deny    condition = ${if match {$sender_helo_name} {\\.} {no}{yes}}
                message = Your HELO/EHLO greeting ($sender_helo_name) is a single word. \                         According to RFC2821 you must use your fully-qualified domain-name. \                         Please fix your configuration if you want to talk to us                 logwrite = HELO: HELO/EHLO was not a FQDN : $sender_helo_name from $sender_fullhost

        #
        # check for raw IP address in greeting like "HELO 1.2.3.4"
        #
        deny    condition = ${if isip{$sender_helo_name}}
                #condition = ${if match {$sender_helo_name}{^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\$}{yes}{no}}                 message = Your HELO/EHLO greeting ($sender_helo_name) is a plain IP address. \                         According to RFC2821 you must use your fully-qualified domain-name. \                         Please fix your configuration if you want to talk to us                 logwrite = HELO: HELO/EHLO with bare IP : $sender_helo_name from $sender_fullhost

        #
        # check for HELO from our host name... must be fake
        #
        deny    condition = ${if match {$sender_helo_name}{$primary_hostname}{true}{false}}                 message = Your HELO/EHLO greeting ($sender_helo_name) is using our name! \                         According to RFC2821 you must use your fully-qualified domain-name. \                         Please fix your configuration if you want to talk to us                 logwrite = HELO: Rejected because remote host used our hostname: $sender_helo_name



Mike


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to