Hanno Hecker wrote:
we had some (smaller) troubles with a spammer sending mails with a
resolvable MX, but that MX pointed to 127.0.0.1... after blacklisting
these sending IP for a short time I added a check to the
require_resolvable_fromhost plugin...
I used to have my require_resolvable_fromhost patched to check for 127.*
as well as the private-use ranges (RFC 1918):
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
and the autoconfiguration range (RFC 3330):
169.254.0.0 - 169.254.255.255
The heart of it was
if ( $rr->type eq 'A' and
$rr->address =~
/^(?:127\.|10\.|192\.168\.|176\.(1[6-9]|2\d|3[01])\.|169\.254\.)/ ) {
my $msg = "$host resolves to private IP address " . $rr->address;
return(DENY, $msg);
}
I forgot about 0.0.0.0, and there may be a few other ranges that could
be checked for. Not sure if it's worth checking up unassigned ranges
and keeping them up to date.
At some point the cvs version of require_resolvable_fromhost changed and
I never got around to reincorporating my changes, so I've just been
using the standard plugin.
Does anyone else think these checks should be added to the standard
plugin? It's all very well for an address to be resolvable, but if it
resolves to an IP address that makes it impossible to deliver it's not
much different from not resolving at all.
--
Keith C. Ivey <[EMAIL PROTECTED]>
Washington, DC
