Yes, I agree with Lars. Also other "local" IPs should be checked like 10.x.y.z something.
regards, Veit Lars Uhlmann schrieb: > On Wed, 16 Aug 2006 09:07:28 -0700 Tom Collins <[EMAIL PROTECTED]> wrote: > >>> I've noticed some spam sending hosts, which use e.g. localhost/ >>> 127.0.0.1 >>> as their sender MX. When my mailserver tries to verify the sending >>> account via bounce check (connecting to 127.0.0.1), the rcpt to: >>> check is ok, because chkuser accepts "unknown" rcpt to's from >>> localhost. Is there a settings to get rid of that? >> Better would be a patch to qmail-smtpd that only accepted localhost >> and 127.0.0.1 as the HELO name on connections from 127.0.0.1. I >> don't know enough about chkuser to answer your original question. > > This would be one possibility but in this case the mail is already in > the local queue - what we try to prevent. I think an extended chkuser > patch is the better way. While chkuser already checks for an existing > MX-record it could easily test the received A-Record against > 127.0.0.0/8, RFC1918 or in case of a fqdn is it resolveable at all. > > regards, > Lars Uhlmann > >
