Re: [Exim] Reverse DNS -- grounds for rejection?

Author: jzaw
Date:  
To: exim-users
Subject: Re: [Exim] Reverse DNS -- grounds for rejection?
On Thursday, Jan 15, 2004, at 11:42 Europe/London, Rory Campbell-Lange
wrote:

> Is a test like this grounds for rejecting mail?
> I note that quite a few messagelabs servers don't reverse properly.


as you note not everyone has DNS == ip == rDNS so at this stage it's not
a good idea to reject all non matching rDNS
only some (but which?) and defo others ... namely emails from sites
claiming to be MSN or Hotmail for instance

this was offered some time ago by some kind soul on the mail list
it takes into account failed or lagged dns lookups
I use it myself
(if there are any errors or omissions I would welcome corrections -
thanks)

###################
# modified variant to take account of delayed or missing dns servers
# Check ONLY Certain HELO's against what their hostname is supposed to be
warn    set acl_m9  = ${lookup{$sender_helo_name} \
               partial-lsearch{/etc/exim/helo_check} \
               {${if eq{$value}{}{$sender_helo_name}{$value}}}{}}
defer   condition = ${if eq{$acl_m9}{}{no}{yes}}
         condition = ${if eq{$sender_host_name}{}{yes}{no}}
         condition = ${if eq{$host_lookup_failed}{1}{no}{yes}}
         message   = Access temporarily denied. Cannot resolve PTR record for $sender_host_address
drop  log_message = HELO MISMATCH Forged HELO for ($sender_helo_name)
         condition   = ${if and { \
               {!eq{$acl_m9}{}} \
                  {!match{$sender_host_name}{${rxquote:$acl_m9}\N$\N}} \
                } \
                {yes}{no}}
         delay       = 30
#
###################


the flat file can be like this


###################
#
$ cat /etc/exim/helo_check

mail.com
microsoft.com
hotmail.com
msn.com hotmail.com
compuserve.com
aol.com
outblaze.com
yahoo.com
yahoo.fr
yahoo.ca
yahoo.co.uk

#
###################

thus only emails claiming to be from the above listed domains are
checked for rDNS

hope this helps

Zaw
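
The decision logic of the ACL above, modelled in Python as an added example; it is not part of the original post and not Exim code. The function names, the label_anchored option and the sample host names are assumptions made for illustration, and names are compared in lower case as a simplification.

```python
import re

# Constructed copy of part of the helo_check file from the post.
HELO_CHECK = "hotmail.com\nmsn.com hotmail.com\nyahoo.co.uk\n"

def parse_lsearch(text):
    """lsearch lines: key, then optional data; '#' lines and blanks ignored."""
    table = {}
    for line in text.splitlines():
        m = re.match(r"\s*([^\s:#]+)[\s:]*(.*)", line)
        if m:
            table[m.group(1).lower()] = m.group(2).strip()
    return table

def partial_lookup(table, key):
    """Keys tried by a partial- lookup: the key itself, then '*.' + key,
    then '*.' + each parent domain down to two labels.
    Returns the data string, or None when no key matches."""
    labels = key.lower().split(".")
    tries = [key.lower()] + ["*." + ".".join(labels[i:])
                             for i in range(0, max(1, len(labels) - 1))]
    for k in tries:
        if k in table:
            return table[k]
    return None

def decide(helo, ptr_name, lookup_failed, table, label_anchored=False):
    """Return 'pass', 'defer' or 'drop', following the warn/defer/drop statements."""
    data = partial_lookup(table, helo)
    if data is None:
        return "pass"                    # acl_m9 empty: HELO is not on the list
    expected = data or helo.lower()      # acl_m9: file value, else the HELO itself
    ptr = (ptr_name or "").lower()
    if not ptr and not lookup_failed:
        return "defer"                   # no PTR name, but not a definite failure
    pattern = re.escape(expected) + "$"  # same shape as ${rxquote:$acl_m9}$
    if label_anchored:                   # stricter variant, not in the post
        pattern = r"(^|\.)" + pattern
    return "pass" if re.search(pattern, ptr) else "drop"

if __name__ == "__main__":
    table = parse_lsearch(HELO_CHECK)
    for helo, ptr, failed in [("hotmail.com", "mx1.hotmail.com", False),
                              ("hotmail.com", "dsl-1.isp.example", False),
                              ("hotmail.com", "", False),
                              ("hotmail.com", "", True)]:
        print(helo, repr(ptr), failed, "->", decide(helo, ptr, failed, table))
```

With keys written as in the posted file, only a HELO equal to a listed key is checked; a HELO such as mx1.hotmail.com is looked up as "*.hotmail.com" and needs a key in that form to be covered.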