Obsolete Releases > SME 8.x Contribs

qmail badhelo block top level domain

(1/1)

Bozely:
I have smeserver-wbl installed and have been adding entries to block various senders but I am finding emails continue to bypass the checks. At first I thought smeserver-wbl was not working but when examining the email headers found HELO sub domains are continually changing.

I was reading the below post regarding wildcards for badhelo entries so as to block all sub-domains of a top level domain

http://forums.contribs.org/index.php/topic,43688.msg208703.html#msg208703

mail1.spammer.com
mail2.spammer.com
mail3.spammer.com

with a single entry like

spammer.com

pwalter suggested using the code found here

http://www.nntp.perl.org/group/perl.qpsmtpd/2004/06/msg1422.html

Could anyone shed some light on how to implement this solution or if you know of more suitable solutions to the issue?

Thanks,

Knuddi:
I am actually just now running some tests to see whether a incorrect HELO/EHLO command should be reason to reject mails. The SMTP standard requires the EHLO/HELO command to be following by a FQDN which for many spammers is not the case. I can unfortunately also see that some legitimate mails are sent with incorrect FQDN.

I am not sure that this will help much - the EHLO/EHLO command does not always reflect the sending domain, especially if the server hosts many domains.

Navigation

[0] Message Index