Block SMTP connections based on HELO name

On a cPanel server you can use the Exim Configuration Manager advanced editor to add a custom HELO ACL.

Go to Service Configuration » Exim Configuration Manager

Click on Advanced Editor.

Scroll down to acl_smtp_helo and enter the following lines under the ”’custom_begin_smtp_helo”’ header.

   condition = ${if eq {$sender_helo_name}{ylmf-pc} {yes}{no}}
   log_message = HELO/EHLO - ylmf-pc blocked
   message = ylmf-pc blocked

Enter the following line under ”’custom_end_smtp_helo”’


{{box_note|If you do not enter this ALL mail will be rejected.}}

You can also specify multiple conditions.

                hosts = +own_hosts

	# If the HELO pretend to be this host
	deny	condition = ${if or { \
					{eq {${lc:$sender_helo_name}}{}} \
					{eq {${lc:$sender_helo_name}}{}} \
				    } {true}{false} }

        # by default we accept

== Testing ==
You can test the ACL by connecting to the server using telnet. Issuing a helo name of “ylmf-pc” should be blocked.

[] ~ >> telnet 25
Connected to
Escape character is '^]'. ESMTP Exim 4.84 #2 Tue, 17 Feb 2015 10:53:11 -0500 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
helo ylmf-pc

550 ylmf-pc blocked
Connection closed by foreign host.

Related Posts

Deixe um comentário