This is a simple plugin which has helped me out a fair bit. It ensures that connecting hosts have reverse DNS. (Though it doesn't actually care what rdns is present.)
I have it set up in this order:

  common/hosts_allow
  common/require-rdns
  common/check_earlytalker

Comments welcome .. the only obvious comment is that the action is hard-wired, but I could change that if it were useful.

Steve
--
http://mail-scanning.com/

#!/usr/bin/perl -w

=head1 NAME

require-rdns - Test that connecting hosts have reverse DNS record(s).

=cut

=head1 DESCRIPTION

The smtp servers which connect to us should have reverse DNS.

We don't care what it is, but it should be there..

=cut

=begin doc

Called at SMTP-connect time.

Ensure that there is RDNS present, otherwise drop.

=end doc

=cut

sub hook_connect
{
    my ($self, $transaction) = @_;

    my $remote_ip   = $self->qp->connection->remote_ip;
    my $remote_host = $self->qp->connection->remote_host;

    # A hostname equal to the IP, or the literal "Unknown", is treated as no RDNS.
    if ( ($remote_ip eq $remote_host) ||
         ($remote_host eq "Unknown" ) )
    {
        $self->log(LOGWARN, "require-rdns: $remote_ip no RDNS: $remote_host" );
        return (DENY_DISCONNECT, "RDNS lookup for $remote_ip failed [$remote_host]");
    }
    else
    {
        return DECLINED;
    }
}
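
The post notes that the action is hard-wired. The variant below is an added example, not Steve's code or part of qpsmtpd: it keeps the same RDNS presence test and takes the response from a plugin argument, so an operator can log only or reject temporarily before moving to a hard drop. The plugin name `require-rdns-action` and the argument names are assumptions.

```perl
#!/usr/bin/perl -w
# Added example (hypothetical plugin name: require-rdns-action).
# Constructed config/plugins line:
#   common/require-rdns-action denysoft

sub register {
    my ($self, $qp, @args) = @_;

    # Argument names are assumptions; the values are qpsmtpd return constants.
    my %actions = (
        deny_disconnect     => DENY_DISCONNECT,      # behaviour of the original plugin
        denysoft_disconnect => DENYSOFT_DISCONNECT,  # temporary failure, then drop
        deny                => DENY,
        denysoft            => DENYSOFT,
        log                 => DECLINED,             # log the miss, accept the connection
    );

    my $name = lc($args[0] || 'deny_disconnect');
    unless (exists $actions{$name}) {
        $self->log(LOGERROR, "require-rdns-action: unknown action '$name', using deny_disconnect");
        $name = 'deny_disconnect';
    }
    $self->{_rdns_action} = $actions{$name};
}

sub hook_connect {
    my ($self, $transaction) = @_;

    my $remote_ip   = $self->qp->connection->remote_ip;
    my $remote_host = $self->qp->connection->remote_host;

    # Same test as the original: hostname equal to the IP, or "Unknown".
    return DECLINED
      unless $remote_ip eq $remote_host || $remote_host eq "Unknown";

    $self->log(LOGWARN, "require-rdns-action: $remote_ip no RDNS: $remote_host");

    # Log-only mode lets you measure rejections before enforcing them.
    return DECLINED if $self->{_rdns_action} == DECLINED;

    return ($self->{_rdns_action},
            "RDNS lookup for $remote_ip failed [$remote_host]");
}
```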