|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Stopping Spam/Virus using fake address' inside local network
From: Noel Jones (njones
megan.vbhcs.org)
Date: Wed Jun 01 2005 - 17:15:47 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
At 05:01 PM 6/1/2005, mouss wrote:
>some viruses helo with UPPER.lower (such as MYCOMPUTER.com). you may (at
>your own risk) filter such things with a pcre, something like:
>/^[A-Z]+\.[a-z]+$/ REJECT
>in check_helo_access.
>
>(also, you can restrict the helo to these domains. this is similar to the
>sender restriction above, but using both is tricky. use another
>restriction class if needed).
This isn't useful. Access maps always force the key to lower case.
Matching case is only possible in header/body checks, and then you must use
the /i flag.
I suppose one could carefully construct a header_checks rule to find upper
case HELO names within a Received: header added by the local
machine. Probably more trouble than it's worth.
--
Noel Jones
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]