[Mimedefang] Revisit: Filtering on HELO
philipp_subx at redfish-solutions.com
Fri Mar 23 00:56:51 EST 2007
> We check for localhost or 127.0.0.1
> We check for our name.
> We check for our IP address with/without ['s
> We check for helo of friend
> We check for helo where length < 3 or doesn't have dots.
I would add to all that also checking that if the
remote end says "HELO [x.x.x.x]", that the x.x.x.x
really is the same as their $hostip (or whatever)
and not some other address.
A lot of hosts say "HELO 126.96.36.199" when their address
is really 188.8.131.52.
If they can't be trusted to figure out their own
address, then they're probably pretty broken (and
that includes being behind a NATing firewall as we
More information about the MIMEDefang