Peter:
> We're now starting to see some IPv6 DNSRBLs (eg:
> bl.ipv6.spameatingmonkey.net). It occurs to me that postscreen and
> postfix should only be sending IPv4 requests to IPv4-specific DNSRBLs
> and IPv6 requests to IPv6-specific lists. I would therefore hope for
> consideration of the following changes:
With 'IPv4 requests' and 'IPv6 requests' did you mean:
- The type of the (reversed) client IP address?
- The type (A, AAAA) of the DNS query and response?
I'll assume it is the former for now. We don't really need 128 bits
of resolution for reputation.
What about the common case, if a site such as Spamhaus answers A
queries for both reversed IPv4 and IPv6 addresses, would it need
to be configured multiple times, once as an IPv4 reputation provider,
and again as an IPv6 reputation provider?
That would not be good. We could avoid that with:
postscreen_dnbl_sites (sites handling both reversed IPv4 and IPv6)
postscreen_ipv4_dnbl_sites (sites handling reversed IPv4 only)
postscreen_ipv6_dnbl_sites (sites handling reversed IPv6 only)
Wietse
