martin <[EMAIL PROTECTED]> wrote:
> >E-mail addresses can't be blocked with tcprules. They are blocked in
> >/var/qmail/control/badmailfrom
>
> Are you saying that e-mail addresses can`t be denied, but they are allowed e.g.
> [EMAIL PROTECTED]:allow apparently is legal but
> [EMAIL PROTECTED]:deny is not.???
No.
tcpserver will allow/deny connections from particular IP addresses with
this syntax:
1.2.3.4:allow
2.3.4.5:deny
You can use hostnames like the following, if you have reverse lookups
turned on. Note that you should run in paranoid mode to use these:
host.domain.tld:allow
host.domain2.tld:deny
You can use rules that use $TCPREMOTEINFO; this is the ident lookup from
the remote host. Note that this is _not_ an email address, even though
it looks like one:
[EMAIL PROTECTED]:allow
joe@=host.domain.tld:allow
The "=" in the second line is necessary because you're using a hsotname
instead of an IP address. The use of TCPREMOTEINFO isn't particularly
useful, as it's completely under the control of the attacker, and for
many hosts there is no ident service available.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
-----------------------------------------------------------------------
