[rbldnsd] domain-based (black|white)listing - possible?

Szymon Grabowski szymon at gmail.com
Sat Mar 26 18:56:53 MSK 2005


Michael et al,

Apart from running multiple ip4set zones, which has worked
for us successfully over the last couple of months, we would
like to add two new zones:

whitelist.dnset
blacklist.dnset

These are pretty self-explanatory - we are looking to ban/
whitelist particular domain names using the dnset format.

For instance, in whitelist.dnset we would like to have
entries like "!*.mx.aol.com" to automatically whitelist some
of the hosts we deem trustworthy. Similarly, blacklist.dnset would
host ".badguys.com" entries to ban the bad guys from
delivering mail to our servers.

Our blacklist.dnset looks like this:

:127.0.0.2:Mail blocked
#$SOA 1h rbl.implix.com. hostmaster.implix.com. 2005032603 1h 15m 1w 15m      
#$NS 3600 127.0.0.1 207.8.198.43 207.106.1.2
#$TTL 3600
..badguys.com You are not welcome here

Unfortunately, when I connect to one of the mail servers
from somehost.badguys.com, it will *not* be blocked
(putting an IP address in one of the ip4set zones works
ok).

We use one RBL server called rbl.implix.com that is
accessed by all of our inbound mail servers, via
tcpserver/qmail-smtpd/rblsmtpd logic:

tcpserver .... rblsmtpd -b -r rbl.implix.com qmail-smtpd

Is there anything we can do to achieve such a
wildcard domain whitelisting/blacklisting logic?

Thanks and Happy Easter to all!

= Simon
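
An added example, not part of the original post and not rbldnsd or rblsmtpd code: it contrasts the query name an IP-keyed client builds (rblsmtpd's -r source is looked up by the client's reversed IP address) with the name a domain-keyed dnset zone would need to receive. The matcher is a simplified model of the documented dnset entry forms (plain, ".", "*.", "!"); the client address 192.0.2.10 and the "ok.badguys.com" exclusion are constructed for illustration.

```python
import ipaddress

ZONE = "rbl.implix.com"  # base zone taken from the post's "rblsmtpd -r" option

# Constructed dnset entries in the documented forms (plain, ".", "*.", "!").
ENTRIES = [".badguys.com", "!ok.badguys.com"]


def ip_query_name(client_ip, zone=ZONE):
    """Name an IP-keyed client such as rblsmtpd looks up: d.c.b.a.<zone>."""
    octets = str(ipaddress.IPv4Address(client_ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def domain_query_name(hostname, zone=ZONE):
    """Name a domain-keyed client would have to look up: <hostname>.<zone>."""
    return hostname.rstrip(".").lower() + "." + zone


def _matches(pattern, name):
    if pattern.startswith("*."):   # subdomains only, not the domain itself
        return name.endswith(pattern[1:])
    if pattern.startswith("."):    # the domain itself and all subdomains
        return name == pattern[1:] or name.endswith(pattern)
    return name == pattern         # plain entry: exact name only


def dnset_listed(query_name, entries=ENTRIES, zone=ZONE):
    """Simplified dnset lookup: strip the zone, then match the remaining key."""
    suffix = "." + zone
    if not query_name.endswith(suffix):
        return False               # query is for some other zone
    key = query_name[: -len(suffix)].lower()
    excluded = any(_matches(e[1:], key) for e in entries if e.startswith("!"))
    listed = any(_matches(e, key) for e in entries if not e.startswith("!"))
    return listed and not excluded


if __name__ == "__main__":
    by_ip = ip_query_name("192.0.2.10")
    by_name = domain_query_name("somehost.badguys.com")
    for q in (by_ip, by_name):
        print(q, "->", "listed" if dnset_listed(q) else "not listed")
```

The key left after stripping the zone from the IP-style query is "10.2.0.192", which no domain entry can match; only a client that sends the host name as the query key reaches the dnset data.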

