Re: [exim] Automatic Whitelist Generation - Why wouldn't thi…

Author: Richard Clayton
Date:  
To: exim users
Subject: Re: [exim] Automatic Whitelist Generation - Why wouldn't this work?
In message <467F1ABF.1080208@???>, Marc Perkel <marc@???>
writes

>Eli wrote:
>>> Maybe I'm missing something. Can I take one of my IP addresses and make
>>> the RDNS appear to be from xxx.amd.com and make a lookup on xxx.amd.com
>>> agree?
>>
>> Yes you can. That's why reverse DNS information is pretty much completely
>> useless when doing any type of tracing. I suggest you read up on DNS
>> servers and how zonefiles work et al before going too far on speculations
>> regarding DNS, especially if you're using the results to filter stuff (email
>> in this case).
>>
>If you do a reverse lookup and then check to see if the name resolves to
>the IP that you looked up you can tell it's fake.


Yes, only the domain owner will be able to add particular IP addresses to
their records (if you assume DNS is secure, which could be unwise).

BUT you'll get false positives as well because in the real world, things
are never always quite so tidy :( and forward and reverse don't always
match even when nothing specifically wicked is happening.

ObExim: see "verify = reverse_host_lookup" for a way of testing for this
in an ACL -- so you can reject perfectly good email for purist reasons :)

-- 
richard                                              Richard Clayton


They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety.         Benjamin Franklin
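
An added example, not part of the original message and not Exim's own code: the reverse-then-forward check discussed in the thread, written in Python with the resolver functions passed in so it runs on constructed records. The zone data, the example.com/example.net names and the helper names (`fcrdns`, `check_sample`, `live_ptr`, `live_addr`) are assumptions for illustration; note that a forged PTR and an honest host with a stale forward record both come out as `mismatch`.

```python
import ipaddress
import socket

def fcrdns(ip, ptr_lookup, addr_lookup):
    """Return (verdict, name): 'confirmed', 'no-ptr' or 'mismatch'."""
    want = ipaddress.ip_address(ip)
    names = ptr_lookup(ip)
    if not names:
        return "no-ptr", None
    for name in names:                      # a host may have several PTR names
        for addr in addr_lookup(name):      # and each name several addresses
            try:
                if ipaddress.ip_address(addr) == want:
                    return "confirmed", name.rstrip(".").lower()
            except ValueError:
                continue                    # skip anything that is not an IP
    return "mismatch", None

def live_ptr(ip):
    """PTR names from the system resolver (for real use, needs network)."""
    try:
        host, aliases, _ = socket.gethostbyaddr(ip)
        return [host, *aliases]
    except OSError:
        return []

def live_addr(name):
    """Forward addresses from the system resolver (for real use)."""
    try:
        return [ai[4][0] for ai in socket.getaddrinfo(name, None)]
    except OSError:
        return []

# Constructed records using documentation address ranges.
SAMPLE_PTR = {
    "192.0.2.10": ["mail.example.com."],        # tidy host
    "198.51.100.7": ["xxx.example.com."],       # PTR claims a name it does not own
    "203.0.113.5": ["old-name.example.net."],   # honest host, forward record gone
}
SAMPLE_A = {
    "mail.example.com.": ["192.0.2.10"],
    "xxx.example.com.": ["192.0.2.99"],         # the real owner's address
    "old-name.example.net.": [],
}

def check_sample(ip):
    """Run the check against the constructed records above."""
    return fcrdns(ip, lambda i: SAMPLE_PTR.get(i, []),
                  lambda n: SAMPLE_A.get(n, []))
```

For live lookups, call `fcrdns(ip, live_ptr, live_addr)`; treating `mismatch` as a scoring signal rather than a rejection avoids the false positives mentioned above.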