Re: Blocking bad HELO ( and Netsky virus )
This is a discussion on Re: Blocking bad HELO ( and Netsky virus ) within the mailing.postfix.users forums, part of the Mail Servers and Related category; Postfix-taa wrote regarding 'Blocking bad HELO ( and Netsky virus )' on Sun, Oct 17 at 16:25: > Good evening ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
10-19-2004
|
|||
|
|||
Re: Blocking bad HELO ( and Netsky virus )
Postfix-taa wrote regarding 'Blocking bad HELO ( and Netsky virus )' on Sun, Oct 17 at 16:25:
> Good evening list .. > > Apparently, the NetSky/D virus is always using the recipients domain > name when HELO'ing to my MTAs. > > Creating an access-table with my domain names and adding a > check_helo_access line to my smtpd restrictions seems to get rid of the > virus: > > --smtp_helo_blacklist-- > <my-ip> 554 That's my name > <my-hostname> 554 That's my name > <mydomain1> 554 That's my domain name > <mydomain2> 554 That's my domain name > > ----------------------- > > --main.cf--- > smtpd_recipient_restrictions = > .. > .. > check_helo_access hash:/etc/postfix/tables/smtp_helo_blacklist > .. > > ------------ Just out of curiosity, is there any reason to put that in the smtpd_recipient_restrictions instead of smtpd_helo_restrictions? As I'm also using "reject_unknown_client", etc, it seems that it'd make more sense to put helo restriction in the helo_restrictions section... Eh, carry on. --Danny 
|
Linear Mode
