On Tue, Nov 28, 2000 at 11:12:45PM -0800, [EMAIL PROTECTED] wrote:
> I setup the anti-relaying rules all fine and dandy according to the FAQ
> with tcpserver.. Everything works fine, *but* i need the ability to filter
> by DNS hostmask and IP address.. I tried the following test:
>
> This setup works:
>
> 209.142.1.150:allow,RELAYCLIENT=""
> :allow
>
> This setup does NOT work:
> vadept.com:allow,RELAYCLIENT=""
> :allow
>
> I need the ability to just wildcard IP's based upon their DNS lookup, I
> know I can enable paranoid mode to cut down on the spoofing, but will the
> current anti-relaying rules support a *.vadept.com rather than about
> 150-200 class C's?
Presume your tcpserver invocation is simple:
tcpserver 0 smtp qmail-smtpd
Insert a call to a script like so:
tcpserver 0 smtp shouldirelay qmail-smtpd.
Create a script "shouldirelay" that does two things:
1. Uses ucspi-tcp environment variables to decide if RELAYCLIENT
should be set. man tcp-environ for details.
2. execs the arguments in $@.
PGP signature
