Re: [exim] Blocking Users with No Reverse DNS

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Ted Cooper
Data:  
Para: exim-users
Asunto: Re: [exim] Blocking Users with No Reverse DNS
Jim Pazarena wrote:
> Andreas Pettersson wrote:
>> Matt wrote:
>>> How many block connections with no reverse DNS? How much collateral
>>> damage is there with doing that? How do you set it up in Exim?
>>>
>> We block connections with missing rDNS but only from a specified list of
>> countries:
>> AR, BG, BR, BY, CL, CN, CZ, ES, FR, ID, IN, IT, KR, LV, MX, MY, PE, PH,
>> PL, RO, RU, TR, VN
>>
>> The reject message clearly says what's wrong, and so far I haven't had
>> any issues that I'm aware of.
>>
>> The setup:
>>
>>     deny    !verify = reverse_host_lookup
>>         dnslists = countries.blackholes.us=\
>>         127.0.3.2,\
>>         127.1.0.0,\
>>         127.0.7.6,\
>>        ...
>>        message = your message goes here..

>
> I am finding little info on countries.blackholes.us. Their website doesn't offer what
> exactly they provide.
>
> What mechanism in the example above blocks those specific countries listed at the top?
>
> I'd like to use this if I could understand it better.
> thanks!


Blackholes.us provides a way of using DNS to figure out which country an
IP address is from. They don't seem to have many name servers so they
might like it better if people accessed them via Karmasphere where the
zones are also published. Last peep of news from there was back in 2005.

If you wanted to block all traffic from china, find out the country code
(dig cn.countries.blackholes.us == 127.1.5.6) and add it to the snippet
above.

Of course you might want to use this as an advisory service rather than
an outright block! Some of us get useful emails from China ;)


--
The Exim Manual
http://www.exim.org/docs.html
http://www.exim.org/exim-html-current/doc/html/spec_html/index.html