[rbldnsd] domain-based (black|white)listing - possible?
Jeff Chan
jeffc at surbl.org
Sun Mar 27 09:59:57 MSD 2005
On Saturday, March 26, 2005, 7:56:53 AM, Szymon Grabowski wrote:
> we are looking to ban/
> whitelist particular domain names using the dnset format.
> For instance, in whitelist.dnset we would like to have
> entries like "!*.mx.aol.com" to automatically whitelist some
> of the hosts we deem to trust. Similarly, blacklist.dnset would
> host ".badguys.com" entries to ban the bad guys from
> delivering mail to our servers.
> Our blacklist.dnset looks like this:
> :127.0.0.2:Mail blocked
> #$SOA 1h rbl.implix.com. hostmaster.implix.com. 2005032603 1h 15m 1w 15m
> #$NS 3600 127.0.0.1 207.8.198.43 207.106.1.2
> #$TTL 3600
> ..badguys.com You are not welcome here
> Unfortunately, when I connect to one of the mail servers
> from somehost.badguys.com, it will *not* be blocked
> (putting an IP address in one of the ip4set zones works
> ok).
Sounds like you need your MTA to be able to block sending server
domain names. Sounds more like an MTA question than a rbldnsd
question.
That said, blocking senders by name many not be very useful since
the names can be forged, inconsistent, not map to spammer
domains, etc. For this application IPs may be better.
Jeff C.
--
Jeff Chan
mailto:jeffc at surbl.org
http://www.surbl.org/
More information about the rbldnsd
mailing list