[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Sendmail features
- Subject: Re: [cobalt-users] Sendmail features
- From: Larry Smith <lesmith@xxxxxxxxx>
- Date: Mon Apr 14 16:05:01 2003
- Organization: ECSIS.NET
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
On Monday 14 April 2003 04:42 pm, James A. Dory wrote:
For those who are "curious":
> ># DNS based IP address spam list bl.spamcop.net
## Comment line
> >R$* $: $&{client_addr}
## Call internal sub-routine "client_addr" to Map host connection to
## its logical IP address
> >R::ffff:$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1.bl.spamcop.net.
## If this IP is IPV6, check if the last four octets are listed (in reverse)
## at bl.spamcop.net DNS (should return 127.0.0.X if listed)
> > $: OK $)
## no entry at bl.spamcop.net is OK here
> >R$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1.bl.spamcop.net.
## If this IP is IPV4 notation, check if the IP (in reverse) is listed
## at bl.spamcop.net DNS (should return 127.0.0.X if listed).
> > $: OK $)
## If not listed this is OK here
> >R<?>OK $: OKSOFAR
## If the result of any check "above" is OK, then IP address is ok to accept
> >R<?>$+ $#error $@ 5.7.1 $: "Spam blocked see:
## If any IP test above is "true" (meaning the IP was listed and an "ip" was
## returned from the call) then send the client (remote IP ) an error letting
## them know they are blocked by the appropriate BL.
IP in reverse means that IP address 1.2.3.4 gets queried as
4.3.2.1.bl.spamcop.net which is how RBL (real-time block-lists) do the DNS
entry. That way you can do things like NJABL (and others) does which says a
return of 127.0.0.2 is open relay, a return of 127.0.0.3 is proxy; etc, etc,
etc...
Larry Smith
SysAd ECSIS.NET
sysad@xxxxxxxxx