On Tue, 30 Mar 2004, Tracy wrote: > FCrDNS: Take the connecting IP address, retrieve all PTR records (hopefully > only one, but possible to get more). Then take the PTR record(s) and do A > lookup on it. Compare the connecting IP address to the A records returned - > if no match, either the DNS for the connecting IP has been > misconfigured/corrupted, or it's being forged by a spammer. (Of course, > this assumes that RDNS is in place for all connecting IP addresses - a > policy I have implemented for my server anyway.) > > RCfDNS: Take the HELO/HELO name, retrieve all A records. Starting with the > first returned A record, do PTR lookup. If HELO/EHLO matched PTR found for > any A record, assume valid, otherwise reject as misconfigured/corrupt DNS > or forgery. > > The RCfDNS is going to be expensive, due to the possible number of lookups > and the string comparisons,so it may not be worth the expense. However the > FCrDNS I definitely want to implement. > > I don't know if you would be interested in this kind of code or not for > inclusion in a future version - if so (and you can stand my poor coding > skills :) I'd be happy to share once I have something working...
Nope. But I was thinking that XMail could have a special filter call right before sending the response to the DATA command. A file with all the info (IPs, sender, recipients, etc..) will be passed to the filter, that in turn can reject by returning certain error codes. So this stuff can be done with filters. How do you like it? - Davide - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
