Suggest a command line option to denote that RFC1918
addresses should be ignored. The -a option should
remain as is and unaffected by this new option.
Logged In: YES
Would this be functionally identical to listing the RFC1918
blocks in a peerfile, referenced by "-a"?
Logged In: YES
I think it is not exactly the same thing. Perhaps an
example of what's going on will help.
I have lots of cable and DSL customers who connect with SMTP
AUTH and HELO with their internal NAT addresses. From what
I can tell, there are no command line options I can use to
prevent an error from being generated when they use my
server to send mail.
If sid-filter should basically ignore such clients, adding
them to the peerlist (via "-a") should suffice. The
peerlist is a list of domains and/or client IP addresses
which the filter should just ignore on connection.
(I confess fuzzy memory since I turned it off some time ago)
The connecting address IP is public from anywhere, the HELO
string contains a bracketed RFC1918 address from inside
their NAT box. ISTR using -a didn't work because of this.
The filter doesn't even look at the HELO value. The -a
comparison is based only on the IP address of the connection
and the result of the MTA trying to get a name for that IP
Thus, if you just want it to ignore those IP blocks, adding
them to the peerlist should suffice.
Ok, I'm satisfied with that. Thanks for the help.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.