A client of mine provides an email service to a number of mobile users. This leave my client open to abuse as addresses are assigned dynamically and blocking specific users is difficult. We have set up an internal, private DNS which we update with the authentication details of the user and the IP assigned to him/her at that time. We now want to configure postfix/spamassassin to query this DNS and return the authentication details. This will allow us to blacklist the abusive users until they re-register (at a cost) and should help us fight the proliferation of spam.
How best can this be done? It is not enough that the IP is in the DNS, we expect it to be and we don not want to blacklist based on the IP. We actually need to get the authentication details back and look these up in a blacklist. So how do we configure postfix or spamassassin to look up one DNS and pass the returned value to a second DNS or hash or whatever to return the final judgement? Thanks, mike
