[Mimedefang] Revisit: Filtering on HELO

Philip Prindeville philipp_subx at redfish-solutions.com
Fri Mar 23 00:56:51 EST 2007


>
> We check for localhost or 127.0.0.1
> We check for our name.
> We check for our IP address with/without ['s
> We check for helo of friend
> We check for helo where length < 3 or doesn't have dots.

I would add to all that also checking that if the
remote end says "HELO [x.x.x.x]", that the x.x.x.x
really is the same as their $hostip (or whatever)
and not some other address.

A lot of hosts say "HELO 1.2.3.4" when their address
is really 5.6.7.8.

If they can't be trusted to figure out their own
address, then they're probably pretty broken (and
that includes being behind a NATing firewall as we
are).

-Philip




More information about the MIMEDefang mailing list