[EMAIL PROTECTED] wrote:
>>>> I have this to block connections with no reverse DNS: # : no
>>>> reverse dns #defer !verify = reverse_host_lookup
>>>> # message = Reverse DNS lookup failed for host
>>>> $sender_host_address
>
>> And rejecting based on missing reverse DNS has way too much false
>> positives.
>
> reverse_host_lookup seems to check if there is reverse DNS and also
> that it has a matching forward DNS. Is there a way to only check for
> reverse and not check that there is a matching forward? All my false
> positives seem to have a reverse DNS but the forward does not match.
>
> Matt
Yes, you can separate the "no rDNS" and the "rDNS/forward mismatch"
conditions. This may be a bit inefficient, but we run caching DNS on our
gateways, so it could be worse. Someone else may have a better way...
;-)
You can obviously use the flags and headers for whatever you want once
you've got them.
regards
Richard
# Check to see if the sending host has a rDNS PTR - never mind whether
# it matches the forward lookup - and log/add header if not.
warn
condition = ${lookup
dnsdb{ptr=$sender_host_address}{false}{true}}
message = X-staffs-no-rdns: true
log_message = There is no reverse DNS on $sender_host_address
# and set a flag - RMR 10.9.07
set ACL_NO_REVERSE_DNS = triggered
# If rDNS exists, check if forward lookup matches. If not, set a flag,
# add a header, and log.
# RMR 26 Nov 2007
warn
condition = ${if eq {$ACL_NO_REVERSE_DNS}{false}}
!verify = reverse_host_lookup
message = X-staffs-rdns-fwd-mismatch: true
log_message = Reverse and forward DNS on $sender_host_address
don't match
set ACL_RDNS_FWD_MISMATCH = triggered
--
Richard Rogers
IT Development and Innovation Manager
Information Services, Staffordshire University
The information in this email is confidential and is intended solely for the
addressee. Access to this email by anyone else is unauthorised.
If you are not the intended recipient, any disclosure, copying, distribution or
any action taken or omitted to be taken in reliance on it, except for the
purpose of delivery to the addressee, is prohibited and may be unlawful.
Kindly notify the sender and delete the message and any attachment from your
computer.
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
