Hi *,
we had some (smaller) troubles with a spammer sending mails with a
resolvable MX, but that MX pointed to 127.0.0.1... after blacklisting
these sending IP for a short time I added a check to the
require_resolvable_fromhost plugin...
Hanno
--- require_resolvable_fromhost.orig 2005-07-28 10:02:25.000000000 +0200
+++ require_resolvable_fromhost 2005-07-28 10:23:13.000000000 +0200
@@ -35,11 +35,40 @@
my $res = new Net::DNS::Resolver;
$res->tcp_timeout(30);
$res->udp_timeout(30);
- return 1 if mx($res, $host);
+ my @mx = mx($res, $host);
+ foreach my $mx (@mx) {
+ return mx_valid($mx->exchange);
+ }
my $query = $res->search($host);
if ($query) {
foreach my $rr ($query->answer) {
- return 1 if $rr->type eq "A" or $rr->type eq "MX";
+ if ($rr->type eq "A") {
+ return 0 if $rr->address eq "127.0.0.1";
+ return 0 if $rr->address eq "0.0.0.0";
+ return 1;
+ }
+ elsif ($rr->type eq "MX") {
+ return mx_valid($rr->exchange);
+ }
+ }
+ }
+ else {
+ $self->log(LOGWARN, "$$ query for $host failed: ", $res->errorstring)
+ unless $res->errorstring eq "NXDOMAIN";
+ }
+ return 0;
+}
+
+sub mx_valid {
+ my $name = shift;
+ my $res = new Net::DNS::Resolver;
+ my $query = $res->search($name);
+ if ($query) {
+ foreach my $rr ($query->answer) {
+ next unless $rr->type eq "A";
+ return 0 if $rr->address eq "127.0.0.1";
+ return 0 if $rr->address eq "0.0.0.0";
+ return 1;
}
}
else {
@@ -49,3 +78,4 @@
return 0;
}
+# vim: ts=2 sw=2 expandtab syn=perl
