Compile it and place it in the [helo] section.
Compile as follows: gcc -o helodnscheck helodnscheck2.c -lresolv
Note: If there is no HELO/EHLO argument, it defaults to a permanent block.
Check if host name of HELO/EHLO command has a valid A record in DNS and, optionally, further check if the TCPREMOTEIP variable (mostly set by tcpserver) match any of the IP addresses the HELO resolves to depending on the environment variable HELO_DNS_CHECK, deny, log and/or add a header if HELO don't solve to an address or the addresses don't contain the TCPREMOTEIP
[default] - deny if HELO doesn't solve to a record P - passthrough, don't deny even HELO don't solve to A record (of course, use with L and/or H) D - deny if TCPREMOTEIP not contained in the addresses solved L - log H - add header "X-Helo-Check" R - if "RELAYCLIENT" is set, don't do anything the above can be combined, so DL means deny & log if TCPREMOTEIP is not set, log but allow
Read the code, which is very simple, for details.
Author: Ren Bing
Added on: 2008-04-18
<<< Back to plugins
Copyright © 2004-2008 Paweł Foremski
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license can be found here.