2009/4/6 Joan <aseques@???>:
> Good morning, I'm trying to set up the rdns checking to my server, but
> due to many providers not using reverse dns registers for they ip's
> it's no trivial.
> At this point i built a list of all the hosts for the country using
> the database here. http://phpweby.com/software/ip2country
> I would like to this:
> .- If the sending host is within the country list, no rdns checking
> should be done.
> .- If the sendign host is out of the list, usual checks should be applied.
>
> This is what I got so far:
>
> .ifdef CHECK_RCPT_REVERSE_DNS
> warn
> message = Country hosts doesn't require rdns
> hosts = ${if exists{CONFDIR/hosts_in_country}\
> {CONFDIR/hosts_in_country}\
> {}}
> defer
> message = X-Host-Lookup-Failed: Reverse DNS lookup failed for
> $sender_host_address (${if
> eq{$host_lookup_failed}{1}{failed}{deferred}})
> condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}\
> {yes}{no}}
> .endif
>
>
> The problem is that currently the two tests are being done, and I
> would like the second one to be skipped if the first is positive.
> Which would be the way to accomplish that?
>
Well, I finally could make it work, so I'll post it here in case
anyone finds it useful (by the moment is doing a pretty good job)
I place this in 30_exim4-config_check_rcpt from debian configuration:
.ifdef CHECK_RCPT_REVERSE_DNS
defer
!hosts = ${if exists{CONFDIR/hosts_in_country}\
{CONFDIR/hosts_in_country}\
{}}
message = X-Host-Lookup-Failed: Reverse DNS lookup failed for
$sender_host_address (${if
eq{$host_lookup_failed}{1}{failed}{deferred}})
condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}\
{yes}{no}}
.endif
This way you can stop a massive amount of spammers, since no legit
mail should go to the internet without having a reverse DNS, while
having a conservative policy with the countries you receive most of
the mail.
Cheers
