On Wed, 10 Jun 2015, Bill Cole wrote:

> (2) Check the HELO the other guy sends and reject if it's not a FQDN
> (i.e. it's not got any periods at all).

 or if it's your FQDN, or your IP - they should use their FQDN, not yours.

And if you don't/can't use a greeting pause, these are useful in catching many of the bots that fast-talk.

Absolutely. I see a lot of instances where the first couple of tries from a given IP are blocked by greet-pause, and then after a bit there are several more from the same IP blocked by invalid HELO.

--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhar...@impsec.org    FALaholic #11174     pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  ...much of our country's counterterrorism security spending is not
  designed to protect us from the terrorists, but instead to protect
  our public officials from criticism when another attack occurs.
                                                    -- Bruce Schneier
-----------------------------------------------------------------------
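
The HELO checks discussed in this thread (no periods at all, the receiving server's own FQDN, the receiving server's own IP), as an added Python example that is not part of the original message. The function names, the hostnames and the addresses are constructed for illustration; the IP comparison also covers RFC 5321 address literals such as `[192.0.2.10]`, which goes slightly beyond what the thread spells out.

```python
import ipaddress

# Constructed sample identity for the receiving server (documentation ranges).
OWN_NAMES = {"mx.example.org"}
OWN_IPS = {"192.0.2.10", "2001:db8::25"}


def _as_ip(helo):
    """Return an ip_address for a bare IP or an RFC 5321 address literal, else None."""
    text = helo
    if text.startswith("[") and text.endswith("]"):
        text = text[1:-1]
        if text.lower().startswith("ipv6:"):
            text = text[5:]
    try:
        return ipaddress.ip_address(text)
    except ValueError:
        return None


def helo_reject_reason(helo, own_names=OWN_NAMES, own_ips=OWN_IPS):
    """Return why a HELO/EHLO argument should be rejected, or None to accept it."""
    helo = helo.strip()
    ip = _as_ip(helo)
    if ip is not None:
        # The client is claiming an address; only our own address is rejected here.
        mine = {ipaddress.ip_address(a) for a in own_ips}
        return "HELO is our own IP" if ip in mine else None
    # Hostnames compare case-insensitively, ignoring a trailing root dot.
    name = helo.rstrip(".").lower()
    if name in {n.rstrip(".").lower() for n in own_names}:
        return "HELO is our own hostname"
    if "." not in name:
        return "HELO is not an FQDN"
    return None


if __name__ == "__main__":
    # Constructed HELO arguments, one per case.
    for arg in ["localhost", "MX.Example.ORG.", "[192.0.2.10]",
                "[IPv6:2001:db8::25]", "mail.example.net", "[198.51.100.7]"]:
        print(f"{arg!r}: {helo_reject_reason(arg) or 'accept'}")
```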
