On Monday 14 April 2003 04:42 pm, James A. Dory wrote:
For those who are "curious":
> ># DNS based IP address spam list bl.spamcop.net
## Comment line
> >R$* $: $&{client_addr}
## Call internal sub-routine "client_addr" to Map host connection to
## its logical IP address
> >R::ffff:$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1.bl.spamcop.net.
## If this IP is IPV6, check if the last four octets are listed (in reverse)
## at bl.spamcop.net DNS (should return 127.0.0.X if listed)
> > $: OK $)
## no entry at bl.spamcop.net is OK here
> >R$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1.bl.spamcop.net.
## If this IP is IPV4 notation, check if the IP (in reverse) is listed
## at bl.spamcop.net DNS (should return 127.0.0.X if listed).
> > $: OK $)
## If not listed this is OK here
> >R<?>OK $: OKSOFAR
## If the result of any check "above" is OK, then IP address is ok to accept
> >R<?>$+ $#error $@ 5.7.1 $: "Spam blocked see:
## If any IP test above is "true" (meaning the IP was listed and an "ip" was
## returned from the call) then send the client (remote IP ) an error letting
## them know they are blocked by the appropriate BL.
IP in reverse means that IP address 1.2.3.4 gets queried as
4.3.2.1.bl.spamcop.net which is how RBL (real-time block-lists) do the DNS
entry. That way you can do things like NJABL (and others) does which says a
return of 127.0.0.2 is open relay, a return of 127.0.0.3 is proxy; etc, etc,
etc...
Larry Smith
SysAd ECSIS.NET
sysad@xxxxxxxxx
_____________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users