Jeff Lasman wrote:
> We'd like to whitelist real hotmail servers. We've found we can't
> identify them from their spf records; they don't keep those up-to-date
> <frown>.
>
> Currently hotmail appears to be using only servers matching this:
>
> bay0-omcX-sYY.bay0.hotmail.com
>
> where "X" is a single digit and YY is either one or two digits.
>
> Is there a way to easily check for this in an lsearch (or perhaps some
> other kind of search) through a whitelist file?
>
> Or some other easy way to do it?
I haven't seen a hotmail server connect to my servers that hasn't
matched the following info which I keep in a database. I use an external
program to access it though, not a direct exim condition. The helo/rdns
is the tail end of the domain while the IP is the first 3 octets.
helo/rdns | ip
bay0.hotmail.com | 65.54.246
I assume there are more servers and IP ranges out there but they don't
connect to my servers so I don't know about them. I do however have it
programmed in to pick up any new ones as the RDNS and DNS match and do
follow an easily regex'd pattern.
You could probably get away with just matching anything that has an RDNS
that ends in hotmail.com and successfully resolves to the same IP
address. The RDNS doesn't appear to be an available $variable but I
haven't looked that hard yet. I do all my playing with DNS outside of
exim and use ${readsocket}
--
The Exim Manual
http://www.exim.org/docs.html
http://www.exim.org/exim-html-current/doc/html/spec_html/index.html
