On 11/3/2021, Nicolas JEAN via mailop wrote:
On 15/10/2021 23:22, Paul Gregg via mailop wrote:
(snip)
Sorry for the late reply.
The trick to this is not to limit by IP address - but to implement
service (API) keys.
e.g. each authorised user is given a key e.g. sj3Fa3Gomd937Z12
Then they make queries for 44.33.22.11.sj3Fa3Gomd937Z12.myserver.example.com.
That way you don't care what IP it comes from, but you know who it is.
Nice trick. :)
Unfortunately, it seems that it would require modifications to e.g.
postfix, or other software, in order to add that identifying string to
the DNS query.
Still an idea to keep in mind. Because of how DNS works, the source IP
address isn't available anyway in a usual, unmodified postfix DNS query.
Isn't this how Spamhaus runs their DQS service?
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
