Re: [exim] No Reverse DNS

Top Page
Delete this message
Reply to this message
Author: ROGERS Richard
Date:  
To: Matt, exim-users
Subject: Re: [exim] No Reverse DNS
exim-users-bounces@??? wrote:
>>>> I have this to block connections with no reverse DNS: # : no
>>>> reverse dns #defer !verify     = reverse_host_lookup
>>>> #      message     = Reverse DNS lookup failed for host
>>>> $sender_host_address 

>
>> And rejecting based on missing reverse DNS has way too much false
>> positives.
>
> reverse_host_lookup seems to check if there is reverse DNS and also
> that it has a matching forward DNS. Is there a way to only check for
> reverse and not check that there is a matching forward? All my false
> positives seem to have a reverse DNS but the forward does not match.
>
> Matt


Yes, you can separate the "no rDNS" and the "rDNS/forward mismatch"
conditions. This may be a bit inefficient, but we run caching DNS on our
gateways, so it could be worse. Someone else may have a better way...
;-)

You can obviously use the flags and headers for whatever you want once
you've got them.

regards

Richard

# Check to see if the sending host has a rDNS PTR - never mind whether
# it matches the forward lookup - and log/add header if not.

warn
     condition    = ${lookup
dnsdb{ptr=$sender_host_address}{false}{true}}
     message      = X-staffs-no-rdns: true
     log_message  = There is no reverse DNS on $sender_host_address
# and set a flag - RMR 10.9.07
     set ACL_NO_REVERSE_DNS = triggered


# If rDNS exists, check if forward lookup matches. If not, set a flag,
# add a header, and log.
# RMR 26 Nov 2007

warn
     condition    = ${if eq {$ACL_NO_REVERSE_DNS}{false}}
    !verify       = reverse_host_lookup
     message      = X-staffs-rdns-fwd-mismatch: true
     log_message  = Reverse and forward DNS on $sender_host_address
don't match
     set ACL_RDNS_FWD_MISMATCH = triggered




--
Richard Rogers
IT Development and Innovation Manager
Information Services, Staffordshire University


The information in this email is confidential and is intended solely for the addressee. Access to this email by anyone else is unauthorised.



If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, except for the purpose of delivery to the addressee, is prohibited and may be unlawful. Kindly notify the sender and delete the message and any attachment from your computer.