On Sat, 8 May 2004, Pat Masterson wrote:
> Does anybody have a rule to recognize my own IP in the HELO ?
I don't know if it helps you, but I have a rule in MimeDefang's
filter_relay which checks not only for one of my mail servers' IP
addresses, but also for their hostnames, and a separate check for an
IP address with no square brackets (that's a syntax error, and most
certainly not done by any legitimate mail software).
Any host not within the university's IP address range, which gives a
HELO argument that matches the above is simply rejected.
--
----------------------------------------------------------------------
Sylvain Robitaille [EMAIL PROTECTED]
Systems analyst / Postmaster Concordia University
Instructional & Information Technology Montreal, Quebec, Canada
----------------------------------------------------------------------
my $re_our_networks = '(?:127\.0\.0\.1|132\.205\.\d{1,3}\.\d{1,3})';
my $re_our_mx = '(?:((mx1|mx2|etc)\.)?concordia\.ca|\[?132\.205\.\d+\.\d+\]?)';
sub filter_relay($$$)
{
my ( $relayip, $relayname, $helo ) = @_;
...
my ( $returnval, $message );
$returnval = 'CONTINUE'; # OK unless otherwise detected
$message = '';
...
# Reject any (external) HELO/EHLO that pretends to be one of ours.
if ( ( $relayip !~ /^($re_our_networks)$/ ) &&
( $helo =~ /^($re_our_mx)$/i ) )
{
$message = "IP $relayip ($relayname) faked HELO/EHLO as '$helo'";
}
# malformatted HELO argument: The proper format is either a fully-
# qualified domain name or a dotted quad inside square-brackets.
elsif ( ( defined $relayip && defined $helo ) &&
( $relayip !~ /^($re_our_networks)$/ ) &&
( $helo =~ /^\d{1,3}(\.\d{1,3}){3}$/ ) )
{
$message = "Malformatted HELO/EHLO argument: " . $helo;
}
...
if ( $message ) {
...
$returnval = 'REJECT'; # reject
}
return ($returnval, $message);
}
