Martin Ji?i?ka:
> > Did you mean: reject_rhsbl_sender (i.e. reject the sender domain)?
> > That already exists.
>
> The `reject_rhsbl_sender` checks whether MAIL FROM domain is listed
> under rbl_domain. And I would like to have `reject_rbl_sender` that
> would check whether reversed sender domain is listed under rbl_domain.
> In other words, as there are `reject_rhsbl_client` and
> `reject_rbl_client` restrictions, analogously I would like to have
> `reject_rhsbl_sender` AND `reject_rbl_sender`.
>
> Reason is I have found out that very very often my uncaught spam have
> MAIL FROM domain that is not listed under dbl.spamhaus.org, but its
> reversed address is listed under zen.spamhaus.org. I gave example with
> "spplalru.com" domain.
We already have check_mumble_mx_access and check_mumble_ns_access
to map a domain name to a collection of IP addresses.
It seems natural (for me at least) to introduce a new map type
dnsbl: that maps those IP addresses to an action.
Example:
check_sender_mx_access dnsbl:zen.spamhaus.org=127.0.0.1
check_client_ns_access dnsbl:zen.spamhaus.org=127.0.0.1
In case somoeone runs their DNS or MX service off a botnet.
Wietse
