Re: [exim] reverse dns check

Pàgina inicial
Delete this message
Reply to this message
Autor: Joan
Data:  
A: exim-users
Assumpte: Re: [exim] reverse dns check
2009/4/30 Terry ( 1stKMH ) <terry@???>:
> Ive been using this
>
>
> deny    message = inconsistent or no DNS reverse entry for
> $sender_host_address
>         !sender_domains =
> /usr/local/etc/exim/whitelisted-domains
>         !authenticated = *
>         condition = ${if eq{$host_lookup_failed}{1} {1}{0}}
>
> which I picked up off the list and its been working well for dropping
> lots of spam but ive also had the odd false positive like this one
>
> 2009-04-30 14:26:20 [4717] H=(clearview01.clearviewdns.net)
> [69.56.235.170]:2835 I=[94.76.221.176]:25 F=<nic@???>
> rejected RCPT <alf@???>: inconsistent or no DNS reverse entry
> for 69.56.235.170
>
> Is there a better way of doing this ?
>

Hi, I'm the one who posted the rdns acl some time ago.
What I did to avoid false positives is to extract from this list in
here (http://phpweby.com/software/ip2country) the countries I receive
most of the legit mail, reducing it to /24 or larger nets.
After that you some thousands of entries that skip this acl improving
greatly the false positives problem.

Also, doing a whois, you can get the ip range of that isp.
whois 69.56.235.170

CIDR:       69.56.128.0/17
This way you can trust the big block of ips from the planet.com


Hope it helps