On Tue, 9 Aug 2016, li...@rhsoft.net wrote:
Am 09.08.2016 um 18:08 schrieb Kevin Golding:
Based on what you're trying to do:
man dig
don't help, see below
or depending on your resolver possibly:
man drill
don't help, see below
Whilst I agree it is slightly more effort to set-up whitelisting by
looking up the details first it would still be far more resource
efficient on your servers
that don't catch the problem if the MX changes that you need to
permanently watch your "whitelist_from_rcvd" and maintain them
So script it.
Write a script that reads a list of domain names, does digs to get those
domains' MX hosts, and writes whitelist_from_rcvd rules for them to a
local config file. Run that every night as part of your scheduled
sa-update script.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The question of whether people should be allowed to harm themselves
is simple. They *must*. -- Charles Murray
-----------------------------------------------------------------------
6 days until the 71st anniversary of the end of World War II
