[EMAIL PROTECTED] wrote:
Comment: not sufficiently general
Failing 127.0.0.1 and 0.0.0.0 is a good start... but there's all
kinds of invalid IP assignments that are being missed. How often are
they used? I don't know.
...
Checking the IP against all of these "bad" subnets is probably cheap
computationally, as the expensive part is getting the DNS lookup in
the first place.
The risk, of course, is that you have to remember you're making these
checks in the event that IANA ever changes anything. I recall a while
back they opened up a previously unused section of IP address space, and
people who moved into it had to deal with traffic and mail being
rejected because it was "obviously" forged. It wasn't resolved quickly,
either. IIRC it took some sites months (or longer) to catch up.
--
Kelson Vibber
SpeedGate Communications <www.speed.net>
_______________________________________________
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
[email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
