22 messages in net.sourceforge.lists.courier-usersRe: [courier-users] Re: BOFHCHECKHELO...
FromSent OnAttachments
Mark ConstableJun 16, 2004 8:38 am 
Sander Holthaus - Orange XLJun 16, 2004 9:14 am 
James GravesJun 16, 2004 9:20 am 
Grzegorz JanoszkaJun 16, 2004 12:57 pm 
Grzegorz JanoszkaJun 16, 2004 3:20 pm 
Grzegorz JanoszkaJun 16, 2004 3:30 pm 
Sam VarshavchikJun 16, 2004 4:48 pm 
Sander Holthaus - Orange XLJun 16, 2004 5:11 pm 
James GravesJun 16, 2004 7:29 pm 
Sam VarshavchikJun 16, 2004 7:42 pm 
Mark ConstableJun 17, 2004 12:12 am 
Grzegorz JanoszkaJun 17, 2004 12:36 am 
Edwin CulpJun 17, 2004 4:40 am 
Grzegorz JanoszkaJun 17, 2004 4:55 am 
Gordon MessmerJun 17, 2004 12:09 pm 
Grzegorz JanoszkaJun 17, 2004 12:24 pm 
Sander Holthaus - Orange XLJun 17, 2004 4:53 pm 
Grzegorz JanoszkaJun 18, 2004 1:22 am 
Grzegorz JanoszkaJun 21, 2004 11:39 am 
James GravesJun 21, 2004 12:17 pm 
Grzegorz JanoszkaJun 21, 2004 12:50 pm 
Mark BucciarelliDec 17, 2004 6:17 am 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:Re: [courier-users] Re: BOFHCHECKHELO whitelisting ?Actions...
From:James Graves (jgra@deltamobile.com)
Date:Jun 21, 2004 12:17:42 pm
List:net.sourceforge.lists.courier-users

On Mon, Jun 21, 2004 at 08:38:55PM +0200, Grzegorz Janoszka wrote:

On Thu, 17 Jun 2004, Grzegorz Janoszka wrote:

Maybe can we use the bits of BOFHCHECKHELO? Bit 0 (value of 1) - the same as today - all bad HELO is bloked. (this gives us backward compatibility) Bit 1 (2) - hosts presenting with our names or our IP's are blocked. Bit 2 (4) - non resolvable HELO's are blocked Bit 3 (8) - bad HELO is blocked but we pass through HELO 'hotmail.com' from host 'out2.mail.hotmail.com' (from the same domain) or from the same IP class C

I would like to use opt BOFHCHECKHELO=14.

So? Any feedback?

Should I write a patch for some new variables? For example BLOCKNOTFQDNHELO, BLOCKMYHELO, BLOCKNOTRESOLVABLEHELO, BLOCKOTHERDOMAINHELO and so on?

I'd like to see it. I have one further thing to add:

Some spam coming in starts with (literally) 'HELO foo'. I would like to have an option to at least check the syntax of the host/domain name.

Anything that isn't a properly formatted FQDN or at least a domain name should be rejected.

Thanks,

James Graves Delta Mobile Software http://www.deltamobile.com