On Friday 20 September 2002 02:36 am, Philip Hazel wrote:
> On Fri, 20 Sep 2002, Nico Erfurth wrote:
> > 1.) Very simple approach, just add
> > host_reject_connection = +include_unknown
>
> That will have no effect because "+include_unknown" applies to the
> testing of any following item in the list. As there are no following
> items in the list, Exim won't need to test anything, so +include_unknown
> won't do anything. You would need to force it by something like
>
> host_reject_connection = +include_unknown : non.existent.domain
>
> Then Exim would try to look up the host name in order to test against
> "non.existent.domain".
Hrmm. Interesting.
> > 2.) the ACL way, exim provides us with
> > <quote>
> > $host_lookup_failed: This variable contains ``1'' if the message came
> > from a remote host and there was an attempt to look up the host's name
> > from its IP address, but the attempt failed. Otherwise the value of the
> > variable is ``0''.
> > </quote>
>
> There's a catch there too. You have to make sure that Exim does attempt
> a host lookup. You can do this by setting
>
> host_lookup = *
Heh, yes. I already have this option enabled. I had that on, for tracking
where email spam keeps coming from. And notibly, I keep seeing they always
come from non-reversable IP addresses with proxies that don't identify
themselves in any way at all even after doing an investigation.
> > you could use this variable in an ACL (rcpt_acl) like this
> >
> > deny message = Sorry, your IP could not be looked up
> > condition = $host_lookup_failed
> >
> > The problem with this one is that it will permanent reject when you have
> > DNS-Problems.
>
> Indeed.
If my servers get DNS problems, that would be quite the miracle. Though, that
may begin to matter, when I start testing out a new DNS server a friend of
mine is programming, one that should be able to make bind look worse than it
already is in regards to zones and caching.
I say that, greatly because it'll be beta until it's stable, and it'll use
LDAP, PostgreSQL, even bind-style textfile zone storage formats, as modular
plugins. I'd planned to use the PgSQL method.
Anyway, my big issue has been so far, using tracking methods, I keep seeing
email that's marked spam, coming solely from un-resolvable IP's, claiming
their from yahoo.com (SpamAssassin marks them forged yahoo).
If there's a way I could maybe reject mail based on the Spam header that
SpamAssassin puts in, looking for the notible header:
SPAM: FORGED_YAHOO_RCVD
That would solve most of my problems, stopping them before they even get
delivered.
Eric Renfro
