Martin Ji?i?ka: > > Did you mean: reject_rhsbl_sender (i.e. reject the sender domain)? > > That already exists. > > The `reject_rhsbl_sender` checks whether MAIL FROM domain is listed > under rbl_domain. And I would like to have `reject_rbl_sender` that > would check whether reversed sender domain is listed under rbl_domain. > In other words, as there are `reject_rhsbl_client` and > `reject_rbl_client` restrictions, analogously I would like to have > `reject_rhsbl_sender` AND `reject_rbl_sender`. > > Reason is I have found out that very very often my uncaught spam have > MAIL FROM domain that is not listed under dbl.spamhaus.org, but its > reversed address is listed under zen.spamhaus.org. I gave example with > "spplalru.com" domain.
We already have check_mumble_mx_access and check_mumble_ns_access to map a domain name to a collection of IP addresses. It seems natural (for me at least) to introduce a new map type dnsbl: that maps those IP addresses to an action. Example: check_sender_mx_access dnsbl:zen.spamhaus.org=127.0.0.1 check_client_ns_access dnsbl:zen.spamhaus.org=127.0.0.1 In case somoeone runs their DNS or MX service off a botnet. Wietse