On Tue, 05 Oct 2010 09:38:44 -0700, Jim Pazarena <exim@???> wrote:
> In an effort to reduce spam, I would like to defer (rather than
> outright refuse) reception on any message that comes from a server
> without a PTR.
>
> I am not sure how to create an ACL to check for a non-existent
> PTR/unresolvable IP.
> I haven't found this question in the FAQs.
>
> Advice would be appreciated.
> Thanks,

Something like this might work.

Make sure in the global section you have:

    host_lookup = *

In acl_smtp_connect or another non-DATA SMTP ACL you could do something
like:

    # Check for RDNS - if no PTR record - defer
    defer message = Deferred! $sender_host_address reverse DNS lookup failed
          condition = ${if eq{$sender_host_name}{}{true}{false}}

Ultimately, if host_lookup fails looking for a valid PTR record, i.e. it's
empty, sender_host_name is left empty. You can defer based on that.

You could also use dnsdb and do something like this as a replacement
condition:

    condition = ${lookup dnsdb{ptr=$sender_host_address}{false}{true}}

I use the first method, but with a reject rather than a defer, but there
is no reason you can't defer. There is certainly overhead doing a
host_lookup for every connecting host; the second method, I believe, does
the PTR lookup via dnsdb directly, not relying on the results of the
host_lookup, which the first method employs.

Thanks,
James
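
Added example, not part of the message above and not taken from the Exim distribution: a connect-time ACL that defers only when the reverse lookup gave a definite negative answer, and lets the connection through when the lookup itself could not be completed (resolver timeout or similar). It relies on Exim's `$host_lookup_failed` and `$host_lookup_deferred` variables; the ACL name `acl_check_connect` and the message wording are arbitrary choices made for this example.

```exim
# ---- main (global) section ----
# Look up the name of every connecting host so the variables below are set.
host_lookup = *
acl_smtp_connect = acl_check_connect

# ---- ACL section ----
begin acl

acl_check_connect:

  # Exim could not tell whether a name exists (for example a DNS timeout).
  # Do not hold the sender responsible for a resolver problem.
  accept condition = ${if eq{$host_lookup_deferred}{1}}

  # Definite failure: no PTR record was found, or none of the names
  # returned by the PTR lookup resolved back to the connecting address.
  defer  message   = Deferred: reverse DNS lookup for $sender_host_address failed
         condition = ${if eq{$host_lookup_failed}{1}}

  accept
```

Because `defer` answers with a temporary error, a legitimate sender whose PTR record is fixed later will be accepted on a subsequent retry.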