Matthias Scheler wrote: > Emmanuel Dreyfus wrote: > > You can't fight on the HELO string, as the spammer can send whatever he > > wants. HELO filtering is only going to help in dealing with very special > > situations IMO. > > But it works. I use "milter-regex" for this purpose and it rejected > 831 SMTP connections (on a low traffic mail server) which used > "HELO localhost" in the last 24 hours. How many of those were spam? And how many of those were legitimate mails? Can you even tell for sure? It should be noted that using greylisting (which is still the main purpose of milter-greylist) is perfectly RFC- compliant. But rejecting mails based on the HELO string is not. Therefore, if there's any mentioning of such HELO-based filtering in the manpage or other docs, it should be accompanied by a fat warning, IMHO. So at least those who intentionally make their servers violate the RFCs are aware of it. I expect that many people who use milter-greylist have never read the appropriate RFCs. The internet is becoming more and more of a tough place because people don't read standards or use "trial and error" methods. I think that milter-greylist should try not to make it worse, and at least document the most critical things. Milters often operate at the very edge of RFC-compliance ... Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Gesch\ufffdftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht M\ufffdn- chen, HRB 125758, Gesch\ufffdftsf\ufffdhrer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd "Whatever happened to the days when hacking started at the cerebral cortex, and not at the keyboard?" -- Sid on userfriendly.org by Illiad, 2007-06-20
Message
Re: [milter-greylist] Invalid helo strings check support?.
2007-06-20 by Oliver Fromme