clemens fischer wrote:
> Simon Kelley wrote:
> 
>> OK, try test25, in the usual place. I called the option
>> --rebind-domain-ok but otherwise it's as Clemens describes.
> 
> What can I say?  It just works!  I have "stop-dns-rebind" on and three
> dnsbl's configured:
> 
>     --rebind-domain-ok=/zen.spamhaus.org/
>     --rebind-domain-ok=/dnsbl-1.uceprotect.net/
>     --rebind-domain-ok=/ix.dnsbl.manitu.net/
> 
> The smtp server (postfix) does its lookups and gets the proper results
> in the 127/8 range.  Then I removed the above arguments from dnsmasq's
> command line:  now I see "possible DNS-rebind attack detected" for
> connecting IPs listed for spamming.
> 
> A perfect result!
> 
I added the offending domain to the log message and turned it on on my
mail server box, which is running SpamAssassin. In addition to the three
you have, I've added

rebind-domain-ok=/rfc-ignorant.org/
rebind-domain-ok=/sorbs.net/
rebind-domain-ok=/uribl.com/
rebind-domain-ok=/surbl.org/
rebind-domain-ok=/dnswl.org/
rebind-domain-ok=/njabl.org/

and it seems to be quiet now.

Cheers,

Simon.
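
An added example, not part of the original thread and not dnsmasq's own code: a simplified Python model of the behaviour described above, where stop-dns-rebind rejects upstream answers in private ranges unless the queried name falls under a rebind-domain-ok domain. The range list, function names and sample queries are assumptions constructed for illustration.

```python
import ipaddress

# Simplified IPv4 "private" ranges for this model (assumption, not dnsmasq's exact list).
PRIVATE_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

def parse_rebind_ok(lines):
    """Collect domains from rebind-domain-ok=/a/b/ lines (config or command-line form)."""
    domains = set()
    for line in lines:
        line = line.split("#", 1)[0].strip().lstrip("-")
        key, _, value = line.partition("=")
        if key.strip() != "rebind-domain-ok":
            continue
        domains.update(d.lower().rstrip(".") for d in value.split("/") if d)
    return domains

def domain_exempt(qname, domains):
    """True if qname equals a listed domain or is a subdomain on a label boundary."""
    q = qname.lower().rstrip(".")
    return any(q == d or q.endswith("." + d) for d in domains)

def classify(qname, answer, domains, stop_rebind=True):
    """Decide what the resolver in this model does with one upstream A record."""
    addr = ipaddress.ip_address(answer)
    private = any(addr in net for net in PRIVATE_NETS)
    if not stop_rebind or not private:
        return "pass"
    if domain_exempt(qname, domains):
        return "pass (exempt)"
    return "reject: possible DNS-rebind attack detected"

# Options taken from the thread, in both spellings used there.
OK = parse_rebind_ok([
    "--rebind-domain-ok=/zen.spamhaus.org/",
    "rebind-domain-ok=/sorbs.net/",
    "rebind-domain-ok=/dnswl.org/",
])

if __name__ == "__main__":
    # Constructed sample lookups: (query name, answer from upstream).
    for qname, answer in [
        ("99.2.0.192.zen.spamhaus.org", "127.0.0.2"),    # DNSBL hit, exempt zone
        ("99.2.0.192.bl.unlisted.example", "127.0.0.2"), # DNSBL zone not listed
        ("zen.spamhaus.org.other.example", "192.168.1.1"),
        ("www.example.org", "93.184.216.34"),
    ]:
        print(f"{qname:36} {answer:15} {classify(qname, answer, OK)}")
```

The exemption is per domain, so names outside the listed zones still get the rebind check.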
