On Jun 9, 2015, at 12:29 PM, John Hardin <jhar...@impsec.org> wrote:
(2) Check the HELO the other guy sends and reject if it's not a FQDN
(i.e. it's not got any periods at all). This probably shouldn't be done
on mail originating locally, but for mail coming in from the Internet the
other MTA should always be sending a FQDN in the HELO. A non-FQDN HELO
is a pretty good sign of a spambot sending from a compromised workstation
or PC directly to your MTA.
On 09.06.15 12:48, Amir Caspi wrote:
Do you have a sendmail line (or lines) that we can pretty much copy/paste
to implement this, for those of us who are not total sendmail experts and
too lazy (or busy, or incompetent) to Google something like this? =)
FEATURE(`block_bad_helo')
define(`confALLOW_BOGUS_HELO', `False')
I'm not sure whether or not I have enabled requiring valid rDNS... given
how many legitimate mailservers out there don't have proper rDNS,
how many? I'm happy to block them for years...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
We are but packets in the Internet of life (userfriendly.org)
