Plugin details: helodnscheck2 

helodnscheck2 details

Compile it and place it in the [helo] section.

Compile as follows: gcc -o helodnscheck helodnscheck2.c -lresolv

Note: If there is no HELO/EHLO argument, it defaults to a permanent block.

Check if host name of HELO/EHLO command has a valid A record in DNS and, optionally, further check if the TCPREMOTEIP variable (mostly set by tcpserver) match any of the IP addresses the HELO resolves to depending on the environment variable HELO_DNS_CHECK, deny, log and/or add a header if HELO don't solve to an address or the addresses don't contain the TCPREMOTEIP

 [default] - deny if HELO doesn't solve to a record
        P - passthrough, don't deny even HELO don't solve to A record
            (of course, use with L and/or H)
        D - deny if TCPREMOTEIP not contained in the addresses solved
        L - log
        H - add header "X-Helo-Check"
        R - if "RELAYCLIENT" is set, don't do anything

   the above can be combined, so DL means deny & log
   if TCPREMOTEIP is not set, log but allow

Read the code, which is very simple, for details.



Author: Ren Bing
Added on: 2008-04-18
URL: /downloads/helodnscheck2.c


<<< Back to plugins

Copyright © 2004-2008 Paweł Foremski

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license can be found here.