This wouldn't be a right-hand whitelist exactly -- spamdyke already
supports RHSWLs by checking the rDNS name against the list.
Supporting DynDNS would require an extra step. It would function like
an IP whitelist, except the IP addresses would be found by querying a
list of FQDNs. For
This behavior is correct. The reject-ip-in-cc-rdns option will only
block a connection if it meets two criteria:
1) The IP address must be part of the rDNS name.
2) The rDNS name must end in a two-character country code.
That's why you're seeing some connections being blocked -- their
You understood it correctly. The main problem is that it would produce a
huge additional amount of dns queries. A periodically generated ip
whitelist is still better than putting it into spamdyke.
Regards
Zoltan
Sam Clippinger wrote:
This wouldn't be a right-hand whitelist exactly --
What would happen when the DynDNS changes? Would the IP still remain in the
whiteiplist?
If automatic de-listing is not possible, it would be useful to add a comment
(like: # mail.example.org DynDNS) to the IP listing, to make manual editing
easier.
Just a thought.
Thanks- Sergio
-Original
Sam Clippinger wrote:
This behavior is correct. The reject-ip-in-cc-rdns option will only
I just found out that leading zero fools this filter:
111.222.111.33 = 111-222-11-033.domain pass while it should not
Regards,
--
Daddy, what Formatting drive C: means?...
Marcin
Sam Clippinger wrote:
Other connections are not being blocked because their rDNS names don't
end in country codes. Instead, they use three-character TLDs like
.com and .net. If you want to block those connections as well, use
the ip-in-rdns-keyword-file option and put .com and .net in
This feature would not alter any whitelist files. It would only save
the IP addresses in memory long enough to process the message. The next
incoming message would have to look up the IP addresses again.
-- Sam Clippinger
Sergio Minini {NETKEY} wrote:
What would happen when the DynDNS
spamdyke looks for the IP address in many different formats. If the IP
address is 11.22.33.44, it looks for:
11.22.33.44
011.022.033.044
11.022.033.044 (new in version 4.0.0)
11.22.033.044 (new in version 4.0.0)
11.22.33.044 (new in version 4.0.0)
44.33.22.11
I see. Well, I need a way to reproduce this error before I can fix it.
Does anyone know of any other distribution that included gcc version
3.4.6 that I could still download?
Or is it possible you could give me access to your server so I can test
this myself?
-- Sam Clippinger
Thorsten
I see.
I still think that regex's are more intuitive/flexible though. ;)
Sam Clippinger wrote:
If the entry starts with a dot, it will only match the end of the rDNS
name. If there is no dot, it will match anywhere in the name.
-- Sam Clippinger
Eric Shubert wrote:
Sam Clippinger
Sam Clippinger wrote:
spamdyke looks for the IP address in many different formats. If the IP
address is 11.22.33.44, it looks for:
11.22.33.44
011.022.033.044
11.022.033.044 (new in version 4.0.0)
11.22.033.044 (new in version 4.0.0)
11.22.33.044 (new in version 4.0.0)
Sorry, I should have mentioned that the dots in the formats I listed can
actually be any non-alphanumeric character (dashes, underscores, etc).
-- Sam Clippinger
Eric Shubert wrote:
Sam Clippinger wrote:
spamdyke looks for the IP address in many different formats. If the IP
address is
Sam Clippinger wrote:
spamdyke looks for the IP address in many different formats. If the IP
address is 11.22.33.44, it looks for:
11.22.33.44
011.022.033.044
[...]
As for putting filter entries in the main configuration file instead of
separate files, I'm a step ahead of you. :)
Hi,
For graylisting to work in current version the domain folders must be
created before graylisting will work. This is the most common mistake
when setting up spamdyke to perform graylisting. May I opt for a
feature to just make spamdyke graylist all the connections *without*
the need of the
Well what I did was create a shell script since i add all my new users
and domains at the command line on my toaster to set my default
quota's, etc.
I just added a line to create that directory.
Works like a charm and enables my gray listing from the get go.
dnk
On 22-Apr-08, at 11:31
dnk wrote:
I just added a line to create that directory.
Works like a charm and enables my gray listing from the get go.
If you want all traffic graylisted this is simply unnecesary. If
spamdyke can create user dir it could domain too. One item
less to manage and keep eye on.
Marcin
On Tuesday 22 April 2008 18:30, Sam Clippinger wrote:
This feature would not alter any whitelist files. It would only save
the IP addresses in memory long enough to process the message. The next
incoming message would have to look up the IP addresses again.
Would djb's dnscache help in this
That makes sense, but it's not what I read at
http://www.spamdyke.org/documentation/README.html#RDNS
I don't see anything there about looking up a corresponding DNS A record.
Is the documentation perhaps out of date? (or am I losing it?) ;)
Do we perhaps need 2 parameter/rules? One for when the
I had a problem receiving a particular email message. It would always send
the same amount of data, then timeout. The same amount of data was
sent/received with timeouts of 60 and 180 seconds.
I logged the message (great little feature of spamdyke btw), and the end
part of the message log always
You're reading the correct section. The third and fourth paragraphs
describe reject-unresolvable-rdns, which is the filter that was
triggered in your example. The text doesn't actually use the term A
record, instead saying that spamdyke attempts to get an IP address
from the name. When I
20 matches
Mail list logo
