#---------------------------------------------------------------------
# This file is part of iRedMail, which is an open source mail server
# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
#
# iRedMail is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# iRedMail is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with iRedMail. If not, see .
#---------------------------------------------------------------------
#
# Sample Postfix check_helo_access rule. It should be localted at:
# /etc/postfix/check_helo_access.pcre
#
# Shipped within iRedMail project:
# * http://www.iredmail.org/
#
# Thanks all contributer(s):
# * muniao gamil.
#
# Prepend HELO identifier for anti-spam analytics.
/(.*)/ PREPEND X-Original-Helo: $1 (MS-898: https://898.ro)
#*******************************************
# IP address: (([0-9]){3}-){2}
#*******************************************
# No one will use these in helo command.
/^localhost$/ REJECT Go away, bad guy (localhost).
/^localhost.localdomain$/ REJECT Go away, bad guy (localhost.localdomain).
# Reject who use IP address as helo.
# Correct: [xxx.xxx.xxx.xxx]
# Incorrect: xxx.xxx.xxx.xxx
/^[0-9.]+$/ REJECT Go away, bad guy (not RFC compliant).
#
# This is the real HELO identify of these ISPs:
# sohu.com websmtp.sohu.com relay2nd.mail.sohu.com
# 126.com m15-78.126.com
# 163.com m31-189.vip.163.com m13-49.163.com
# sina.com mail2-209.sinamail.sina.com.cn
# gmail.com xx-out-NNNN.google.com
#
/^126\.com$/ REJECT Go away, bad guy (126.com).
/^163\.com$/ REJECT Go away, bad guy (163.com).
/^163\.net$/ REJECT Go away, bad guy (163.net).
/^sohu\.com$/ REJECT Go away, bad guy (sohu.com).
/gmail\.com$/ REJECT Go away, bad guy (gmail.com).
/^google\.com$/ REJECT Go away, bad guy (google.com).
/^yahoo\.com\.cn$/ REJECT Go away, bad guy (yahoo.com.cn).
/^yahoo\.co\.jp$/ REJECT Go away, bad guy (yahoo.co.jp).
#
# Spammers.
#
/^728154EA470B4AA\.com$/ REJECT Go away, bad guy (728154EA470B4AA.com).
/^dsldevice\.lan$/ REJECT Go away, bad guy (dsldevice.lan).
/^taj-co\.com$/ REJECT Go away, bad guy (taj-co.com).
/^CF8D3DB045C1455\.net$/ REJECT Go away, bad guy (CF8D3DB045C1455.net).
/^dsgsfdg\.com$/ REJECT Go away, bad guy (dsgsfdg.com).
/^se\.nit7-ngbo\.com$/ REJECT Go away, bad guy (se.nit7-ngbo.com).
/^mail\.goo\.ne\.jp$/ REJECT Go away, bad guy (mail.goo.ne.jp).
/^n-ong_an\.com$/ REJECT Go away, bad guy (n-ong_an.com).
/^e5\.il\.n5tt\.zj\.cn$/ REJECT Go away, bad guy (e5.il.n5tt.zj.cn).
/^meqail\.teamefs-ine5tl\.com$/ REJECT Go away, bad guy (meqail.teamefs-ine5tl.com).
/^zzg\.jhf-sp\.com$/ REJECT Go away, bad guy (zzg.jhf-sp.com).
/^din_glo-ng\.net$/ REJECT Go away, bad guy (din_glo-ng.net).
/^fda-cnc\.ie\.com$/ REJECT Go away, bad guy (fda-cnc.ie.com).
/^yrtaj-yrco\.com$/ REJECT Go away, bad guy (yrtaj-yrco.com).
/^m\.am\.biz\.cn$/ REJECT Go away, bad guy (m.am.biz.cn).
/^xr_haig\.roup\.com$/ REJECT Go away, bad guy (xr_haig.roup.com).
/^hjn\.cn$/ REJECT Go away, bad guy (hjn.cn).
/^we_blf\.com\.cn$/ REJECT Go away, bad guy (we_blf.com.cn).
/^netvigator\.com$/ REJECT Go away, bad guy (netvigator.com).
/^mysam\.biz$/ REJECT Go away, bad guy (mysam.biz).
/^mail\.teams-intl\.com$/ REJECT Go away, bad guy (mail.teams-intl.com).
/^seningbo\.com$/ REJECT Go away, bad guy (seningbo.com).
/^nblf\.com\.cn$/ REJECT Go away, bad guy (nblf.com.cn).
/^kdn\.ktguide\.com$/ REJECT Go away, bad guy (kdn.ktguide.com).
/^zzsp\.com$/ REJECT Go away, bad guy (zzsp.com).
/^nblongan\.com$/ REJECT Go away, bad guy (nblongan.com).
/^dpu\.cn$/ REJECT Go away, bad guy (dpu.cn).
/^mail\.nbptt\.zj\.cn$/ REJECT Go away, bad guy (mail.nbptt.zj.cn).
/^nbalton\.com$/ REJECT Go away, bad guy (nbalton.com).
/^cncie\.com$/ REJECT Go away, bad guy (cncie.com).
/^xinhaigroup\.com$/ REJECT Go away, bad guy (xinhaigroup.com).
/^system.mail$/ REJECT Go away, bad guy (system.mail).
/^wz\.com$/ REJECT Go away, bad guy (wz.com).
/^speedtouch\.lan$/ REJECT Go away, bad guy (speedtouch.lan).
/^dsldevice\.lan$/ REJECT Go away, bad guy (dsldevice.lan).
/\.zj.cn$/ REJECT Go away, bad guy (.zj.cn).
/\.kornet$/ REJECT Go away, bad guy (.kornet).
/\.zj.cn$/ REJECT Go away, bad guy (.zj.cn).
/\.local$/ REJECT Go away, bad guy (.local).
#
# Reject adsl spammers.
#
/adsl/ REJECT Go away, bad guy (adsl).
/dynamic/ REJECT Go away, bad guy (dynamic)
/\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3}/ REJECT Go away (dynamic).
/pppoe/ REJECT Go away, bad guy (pppoe).
/dsl\.brasiltelecom\.net\.br/ REJECT Go away, bad guy (dsl.optinet.hr)
/dsl\.optinet\.hr/ REJECT Go away, bad guy (dsl.telesp.net.br)
/dsl\.telesp\.net\.br/ REJECT Go away, bad guy (dialog)
/dialup/ REJECT Go away, bad guy (dialup)
/dhcp/ REJECT Go away, bad guy (dhcp)
/dhcp\.stls\.mo\.charter\.com/ REJECT Go away, bad guy (dhcp.stls.mo.charter.com)
/pool-/ REJECT Go away, bad guy (pool-)
/^cpe-/ REJECT Go away, bad guy (cpe-)
/\.cpe\./ REJECT Go away, bad guy (.cpe.)
/speedy\.com\.ar$/ REJECT Go away, bad guy (speedy.com.ar)
/speedyterra\.com\.br$/ REJECT Go away, bad guy (speedyterra.com.br)
/static\.sbb\.rs$/ REJECT Go away, bad guy (static.sbb.rs)
/static\.vsnl\.net\.in$/ REJECT Go away, bad guy (static.vsnl.net.in)
/advance\.com\.ar/ REJECT Go away, bad guy
/airtelbroadband\.in/ REJECT Go away, bad guy
/bb\.netvision\.net\.il/ REJECT Go away, bad guy
/bezeqint\.net/ REJECT Go away, bad guy
/broadband3\.iol\.cz/ REJECT Go away, bad guy
/cable\.net\.co/ REJECT Go away, bad guy
/catv\.broadband\.hu/ REJECT Go away, bad guy
/chello\.nl/ REJECT Go away, bad guy
/chello\.sk/ REJECT Go away, bad guy
/client\.mchsi\.com/ REJECT Go away, bad guy
/cncdnh\.east\.verizon\.net/ REJECT Go away, bad guy
/comunitel\.net/ REJECT Go away, bad guy
/coprosys\.cz/ REJECT Go away, bad guy
/dclient\.hispeed\.ch/ REJECT Go away, bad guy
/dfw\.dsl-w\.verizon\.net/ REJECT Go away, bad guy
/dip0\.t-ipconnect\.de/ REJECT Go away, bad guy
/domain\.invalid/ REJECT Go away, bad guy
/dyn\.centurytel\.net/ REJECT Go away, bad guy
/embarqhsd\.net/ REJECT Go away, bad guy
/emcali\.net\.co/ REJECT Go away, bad guy
/epm\.net\.co/ REJECT Go away, bad guy
/eutelia\.it/ REJECT Go away, bad guy
/fastwebnet\.it/ REJECT Go away, bad guy
/fibertel\.com\.ar/ REJECT Go away, bad guy
/freedom2surf\.net$/ REJECT Go away, bad guy
/hgcbroadband\.com$/ REJECT Go away, bad guy
/HINET-IP\.hinet\.net$/ REJECT Go away, bad guy
/infonet\.by$/ REJECT Go away, bad guy
/is74\.ru$/ REJECT Go away, bad guy
/kievnet\.com\.ua$/ REJECT Go away, bad guy
/metrotel\.net\.co$/ REJECT Go away, bad guy
/nw\.nuvox\.net$/ REJECT Go away, bad guy
/pitbpa\.fios\.verizon\.net$/ REJECT Go away, bad guy
/pldt\.net$/ REJECT Go away, bad guy
/pool\.invitel\.hu$/ REJECT Go away, bad guy
/pool\.ukrtel\.net$/ REJECT Go away, bad guy
/pools\.arcor-ip\.net$/ REJECT Go away, bad guy
/pppoe\.avangarddsl\.ru$/ REJECT Go away, bad guy
/retail\.telecomitalia\.it$/ REJECT Go away, bad guy
/revip2\.asianet\.co\.th$/ REJECT Go away, bad guy
/tim\.ro$/ REJECT Go away, bad guy
/tsi\.tychy\.pl/ REJECT Go away, bad guy
/ttnet\.net\.tr/ REJECT Go away, bad guy
/tttmaxnet\.com/ REJECT Go away, bad guy
/user\.veloxzone\.com\.br/ REJECT Go away, bad guy
/utk\.ru$/ REJECT Go away, bad guy
/veloxzone\.com\.br$/ REJECT Go away, bad guy
/verizon\.net$/ REJECT Go away, bad guy
/virtua\.com\.br$/ REJECT Go away, bad guy
/wanamaroc\.com$/ REJECT Go away, bad guy
/wbt\.ru$/ REJECT Go away, bad guy
/wireless\.iaw\.on\.ca$/ REJECT Go away, bad guy
/zj\.cn$/ REJECT Go away, bad guy
/business\.telecomitalia\.it$/ REJECT Go away, bad guy
/cotas\.com\.bo$/ REJECT Go away, bad guy
/marunouchi\.tokyo\.ocn\.ne\.jp$/ REJECT Go away, bad guy
/amedex\.com$/ REJECT Go away, bad guy.
/aageneva\.com$/ REJECT Go away, bad guy.