On 11/24/2015 02:46 PM, Axb wrote:
On 11/24/2015 02:40 PM, Matthias Apitz wrote:
El día Tuesday, November 24, 2015 a las 01:47:23PM +0100, Reindl
Harald escribió:
On 24.11.15 13:24, Reindl Harald wrote:
on the other hand why can't SA not do the lookup for the IP of
"Received: from [140.211.11.3]" given that it does a lot of dns
lookups anyway?
just because of that - to limit the number of outgoing DNS requests and
focus on that haven't been done before. That's why SA uses existing
headers
like Received: and Received-SPF:
in reality it would be not a "outgoing DNS request" because it's cached
it's obvious that the info is missing in the header, otherwise for a
remote IP with no PTR on that place would appear "unknown" so you can
even fire that DNS request only when it is needed
If someone would have a patch for this, I'd be happy to help testing.
Take a look at the AskDNS plugin.
You may be able to make a rule for your need.
(or find a victim willing to help you with it)
forget it - wrong tool.. sorry
