Top > Notes > Exim: Blocking Mail Based on HELO Parameter

This Exim4 ACL snippet will allow you to block mail from servers based on the parameter given to the HELO command. This would seem to be a rather strange thing to do, but can be useful in some situations.

    	deny message = Your server is blacklisted because of the HELO name
	     condition = ${lookup {$sender_helo_name} lsearch{filepath}{yes}{no}}
	     hosts = !relay_hosts
    

You should replace the "filepath" in the above with a filename that contains a list of "HELO names" that should be blocked. The first thing to stuff in that file is the IP address of your own mail server. This may seem rather strange, but unless your mail server is really badly configured it will not identify itself this way.

It turns out that spammers sometimes use servers that announce themselves with the IP address that they are connecting too. Which is why I knocked up this ACL snippet. It turns out this is quite effective at blocking spam. Don't deceive yourself though, whilst quite useful it does not replace other mechanisms for blocking spam.