I don't have svn access yet, but I have posted the module here: http://www.sysdesign.ca/archive/mod_dnsbl_lookup-0.91.tar.gz
This is much improved from my earlier 0.90, taking advice from Colm. With this new style of configuration the module can be used more flexibly for blacklists, whitelists, or other things. Configuration now looks like: DnsblZone spammers sbl.spamhaus.org. any DnsblZone spammers dnsbl.sorbs.net. 127.0.0.5 DnsblZone spammers dnsbl.sorbs.net. 127.0.0.6 DnsblZone whitelist customers.dnsbl any RhsblZone spammers rhsbl.ahbl.org. 127.0.0.2 The README in the above tarball is very thorough and describes how to use the module's functions. I'm interested in adding the functionality into mod_smtpd of course. Rian and Nick: how should we proceed on that? Here in brief is a relevant part of my README =========================== 4. Using from mod_smtpd =========================== The function calls work in isolation, without requiring any prior setup before using DNSBLs. The server configuration takes care of all DNSBL and RHSBL setup, including domains to query and responses to interpret as positive. The important knowledge link between mod_dnsbl_lookup and its user, say mod_smtpd, is the chain name that defines the desired DNSBLs. Instead of hard coding a chain name, it makes much more sense to have a module such as mod_smtpd load during its configuration some chains to work with. So mod_smtpd might have configuration directives such as: SmtpBlacklistChain blackchain SmtpWhitelistChain whitechain Now mod_smtpd knows which chain to query for blacklisting purposes, and which chain to query for whitelisting purposes. The admin may leave either chain undefined of course and can easily modify the configuration by substituting different chain names (as used by DnsblZone and RhsblZone). The pseudo code within mod_smtpd might then be: Attempt to load optional dnsbl_lookup functions If functions are available If dnsbl_lookup_ip("whitechain", client) == DNSBL_POSITIVE return ALLOW_SERVICE // even if blacklisted Else If dnsbl_lookup_ip("blackchain", client) == DNSBL_POSITIVE return DENY_SERVICE return ALLOW_SERVICE // default action - Jem