[rbldnsd] regular expression support for rbldnsd
Per Jessen
per at computer.org
Wed Aug 12 20:21:11 MSD 2009
Steven Champeon wrote:
> We have a patch against rbldnsd 0.996b that provides support for
> regular expression-based fast lookups of HELO and PTR strings, in an
> rbldnsd zone, that return our classifications for hostnames for use in
> scoring or blocking bot-originated email.
Interesting idea. We have a list of such patterns which is evaluated by
Postfix. I can't immediately see if a DNS-based solution instead would
improve things.
In our current setup, it would shift the CPU-load (for the matching)
from the individual mailserver to the rbldnsd server, which wouldn't be
good.
> This has proven very useful in the context of dealing with botnets, as
> it's vanishingly rare to see hosts with generic names trying to send
> legitimate email.
I guess that depends - I see a lot every day. There are a lot of
less-than-competent mail-admins out there, and forgetting to ask your
provider for a reverse entry is quite common around here,
unfortunately.
/Per Jessen, Zürich
More information about the rbldnsd
mailing list