I'll add this to the filter list. Thanks!
-- Sam Clippinger
Arne Metzger wrote:
> Hi,
>
> sorry that i am pushing an older thread.
>
> I just found a "new" format for the IP address:
> May 6 23:25:13 xxx spamdyke[18356]: DENIED_RDNS_RESOLVE from:
> [EMAIL PROTECTED] to: [EMAIL PROTECTED] origi
Hi,
sorry that i am pushing an older thread.
I just found a "new" format for the IP address:
May 6 23:25:13 xxx spamdyke[18356]: DENIED_RDNS_RESOLVE from:
[EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 190.25.37.99
origin_rdns: adsl190-2537099.dyn.etb.net.co auth: (unknown)
Regards,
Arne
Sorry about that. :) I've fixed the web page and the help text will be
updated in version 4.0.0.
Thanks!
-- Sam Clippinger
Marcin Orlowski wrote:
> Sam Clippinger wrote:
>
>> The defaults are described in the text of each section in the README
>> file but not in the table that shows all of
Sam Clippinger wrote:
> The defaults are described in the text of each section in the README
> file but not in the table that shows all of the configuration options...
> I didn't realize that. The defaults are printed in the help screen when
> you run "spamdyke -h".
--max-recipients NUM
All
The defaults are described in the text of each section in the README
file but not in the table that shows all of the configuration options...
I didn't realize that. The defaults are printed in the help screen when
you run "spamdyke -h".
I'll add the defaults to the usage section of the README
Sam Clippinger wrote:
> I can always use help writing documentation. Let me finish making the
> updates for the version 4.0 changes, then I'll send them to you to see
> if you think they need polishing. Thanks!
BTW: documentation lacks information of default values, for options
like graylist-m
I can always use help writing documentation. Let me finish making the
updates for the version 4.0 changes, then I'll send them to you to see
if you think they need polishing. Thanks!
-- Sam Clippinger
Eric Shubert wrote:
> Sam Clippinger wrote:
>
>> You're reading the correct section. The
Sam Clippinger wrote:
> You're reading the correct section. The third and fourth paragraphs
> describe "reject-unresolvable-rdns", which is the filter that was
> triggered in your example. The text doesn't actually use the term "A
> record", instead saying that spamdyke "attempts to get an IP
You're reading the correct section. The third and fourth paragraphs
describe "reject-unresolvable-rdns", which is the filter that was
triggered in your example. The text doesn't actually use the term "A
record", instead saying that spamdyke "attempts to get an IP address
from the name". When
That makes sense, but it's not what I read at
http://www.spamdyke.org/documentation/README.html#RDNS
I don't see anything there about looking up a corresponding DNS A record.
Is the documentation perhaps out of date? (or am I losing it?) ;)
Do we perhaps need 2 parameter/rules? One for when the rD
Your example was not rejected by the ip-in-rdns-keyword-file filter. It
was rejected by the reject-unresolvable-rdns filter because the rDNS
name does not resolve to an IP address (a DNS A record). In other
words, "ping ihsystem-65-182-166-90.pugmarks.net" will fail with
"unknown host".
-- S
I'll consider adding those options. I didn't make the filter too
aggressive because of the risk of false negatives. But I might be able
to add some kind of "level" option to control how loosely it matches the IP.
-- Sam Clippinger
Marcin Orlowski wrote:
> Sam Clippinger wrote:
>
>> spamdyk
I don't understand (after having read the documentation) why the example I
showed was rejected then. Please explain.
Sam Clippinger wrote:
> Sorry, I should have mentioned that the dots in the formats I listed can
> actually be any non-alphanumeric character (dashes, underscores, etc).
>
> -- Sa
Sam Clippinger wrote:
> spamdyke looks for the IP address in many different formats. If the IP
> address is 11.22.33.44, it looks for:
> 11.22.33.44
> 011.022.033.044
[...]
> As for putting filter entries in the main configuration file instead of
> separate files, I'm a step ahead of you
Sorry, I should have mentioned that the dots in the formats I listed can
actually be any non-alphanumeric character (dashes, underscores, etc).
-- Sam Clippinger
Eric Shubert wrote:
> Sam Clippinger wrote:
>
>> spamdyke looks for the IP address in many different formats. If the IP
>> addres
Sam Clippinger wrote:
> spamdyke looks for the IP address in many different formats. If the IP
> address is 11.22.33.44, it looks for:
> 11.22.33.44
> 011.022.033.044
> 11.022.033.044 (new in version 4.0.0)
> 11.22.033.044 (new in version 4.0.0)
> 11.22.33.044 (new in version
I see.
I still think that regex's are more intuitive/flexible though. ;)
Sam Clippinger wrote:
> If the entry starts with a dot, it will only match the end of the rDNS
> name. If there is no dot, it will match anywhere in the name.
>
> -- Sam Clippinger
>
> Eric Shubert wrote:
>> Sam Clippinge
If the entry starts with a dot, it will only match the end of the rDNS
name. If there is no dot, it will match anywhere in the name.
-- Sam Clippinger
Eric Shubert wrote:
> Sam Clippinger wrote:
>
>
>> Other connections are not being blocked because their rDNS names don't
>> end in country
spamdyke looks for the IP address in many different formats. If the IP
address is 11.22.33.44, it looks for:
11.22.33.44
011.022.033.044
11.022.033.044 (new in version 4.0.0)
11.22.033.044 (new in version 4.0.0)
11.22.33.044 (new in version 4.0.0)
44.33.22.11
44.11.22.
Sam Clippinger wrote:
> Other connections are not being blocked because their rDNS names don't
> end in country codes. Instead, they use three-character TLDs like
> ".com" and ".net". If you want to block those connections as well, use
> the "ip-in-rdns-keyword-file" option and put ".com" and
Sam Clippinger wrote:
> This behavior is correct. The "reject-ip-in-cc-rdns" option will only
I just found out that leading zero fools this filter:
111.222.111.33 => 111-222-11-033.domain pass while it should not
Regards,
--
"Daddy, what "Formatting drive C:" means?"...
Marcinhtt
Sam Clippinger wrote:
> Other connections are not being blocked because their rDNS names don't
> end in country codes. Instead, they use three-character TLDs like
> ".com" and ".net". If you want to block those connections as well, use
> the "ip-in-rdns-keyword-file" option and put ".com" and
This behavior is correct. The "reject-ip-in-cc-rdns" option will only
block a connection if it meets two criteria:
1) The IP address must be part of the rDNS name.
2) The rDNS name must end in a two-character country code.
That's why you're seeing some connections being blocked -- their r
23 matches
Mail list logo
