Yup Yup it would :) ----- Original Message ----- From: "Shawn Anderson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, March 30, 2004 11:13 AM Subject: [xmail] Re: DNS and Cached DNS in Xmail
> That would be a nice addition :) > S > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Davide Libenzi > Sent: Tuesday, March 30, 2004 2:04 PM > To: XMail mailing list > Subject: [xmail] Re: DNS and Cached DNS in Xmail > > On Tue, 30 Mar 2004, Tracy wrote: > > > FCrDNS: Take the connecting IP address, retrieve all PTR records > > (hopefully only one, but possible to get more). Then take the PTR > > record(s) and do A lookup on it. Compare the connecting IP address to > > the A records returned - if no match, either the DNS for the > > connecting IP has been misconfigured/corrupted, or it's being forged > > by a spammer. (Of course, this assumes that RDNS is in place for all > > connecting IP addresses - a policy I have implemented for my server > > anyway.) > > > > RCfDNS: Take the HELO/HELO name, retrieve all A records. Starting with > > the first returned A record, do PTR lookup. If HELO/EHLO matched PTR > > found for any A record, assume valid, otherwise reject as > > misconfigured/corrupt DNS or forgery. > > > > The RCfDNS is going to be expensive, due to the possible number of > > lookups and the string comparisons,so it may not be worth the expense. > > However the FCrDNS I definitely want to implement. > > > > I don't know if you would be interested in this kind of code or not > > for inclusion in a future version - if so (and you can stand my poor > > coding skills :) I'd be happy to share once I have something working... > > Nope. But I was thinking that XMail could have a special filter call right > before sending the response to the DATA command. A file with all the info > (IPs, sender, recipients, etc..) will be passed to the filter, that in turn > can reject by returning certain error codes. So this stuff can be done with > filters. How do you like it? > > > > - Davide > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in the body > of a message to [EMAIL PROTECTED] For general help: send the line > "help" in the body of a message to [EMAIL PROTECTED] > > > > -- Binary/unsupported file stripped by Ecartis -- > -- Type: application/x-pkcs7-signature > -- File: smime.p7s > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
