[EMAIL PROTECTED] wrote: >>>> I have this to block connections with no reverse DNS: # : no >>>> reverse dns #defer !verify = reverse_host_lookup >>>> # message = Reverse DNS lookup failed for host >>>> $sender_host_address > >> And rejecting based on missing reverse DNS has way too much false >> positives. > > reverse_host_lookup seems to check if there is reverse DNS and also > that it has a matching forward DNS. Is there a way to only check for > reverse and not check that there is a matching forward? All my false > positives seem to have a reverse DNS but the forward does not match. > > Matt
Yes, you can separate the "no rDNS" and the "rDNS/forward mismatch" conditions. This may be a bit inefficient, but we run caching DNS on our gateways, so it could be worse. Someone else may have a better way... ;-) You can obviously use the flags and headers for whatever you want once you've got them. regards Richard # Check to see if the sending host has a rDNS PTR - never mind whether # it matches the forward lookup - and log/add header if not. warn condition = ${lookup dnsdb{ptr=$sender_host_address}{false}{true}} message = X-staffs-no-rdns: true log_message = There is no reverse DNS on $sender_host_address # and set a flag - RMR 10.9.07 set ACL_NO_REVERSE_DNS = triggered # If rDNS exists, check if forward lookup matches. If not, set a flag, # add a header, and log. # RMR 26 Nov 2007 warn condition = ${if eq {$ACL_NO_REVERSE_DNS}{false}} !verify = reverse_host_lookup message = X-staffs-rdns-fwd-mismatch: true log_message = Reverse and forward DNS on $sender_host_address don't match set ACL_RDNS_FWD_MISMATCH = triggered -- Richard Rogers IT Development and Innovation Manager Information Services, Staffordshire University The information in this email is confidential and is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, except for the purpose of delivery to the addressee, is prohibited and may be unlawful. Kindly notify the sender and delete the message and any attachment from your computer. -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/