Re: [exim] ratelimit on dnsbl offenders?

Inizio della pagina
Delete this message
Reply to this message
Autore: Todd Lyons
Data:  
To: B. Cook
CC: exim-users
Oggetto: Re: [exim] ratelimit on dnsbl offenders?
On Fri, Apr 3, 2009 at 7:08 AM, B. Cook <bcook@???> wrote:
> I'm looking to stop asking for say 8 hours after they are found on a
> list, not making the asking faster.


What you're essentially saying is that you want your dns server to
ignore the 30 minute TTL from spamhaus dns servers and override it to
8 hours. This type of thing is very much frowned upon in DNS circles,
but it's also your system and you're free to do anything you want to
it (as long as it doesn't negatively impact others' systems). Check
into powerdns' capabilities and see if you can do such a thing, I
honestly don't know. Never used powerdns, I use bind-dlz instead.

> We used to have zen.spamhaus as the first dnsbl, but now we put it after
> the helo checks in the acl_smtp_rcpt.


I do the same thing, my RBL lookups are at the very end of my
acl_smtp_rcpt ACL.  I was going to ask how come you don't do your HELO
checks in the acl_smtp_helo router, but if you're like me, some of the
helo checks don't apply if they're authenticated, things like that...
-- 
Regards...      Todd