On Thu, 3 Sep 2009, Clunk Werclick wrote:
zgrep "address not listed" /var/log/mail.info
Sep 3 05:26:59 ....: warning: 222.252.239.56: address not listed for
hostname localhost
dig -x 222.252.239.56
...
;; QUESTION SECTION:
;56.239.252.222.in-addr.arpa. IN PTR
;; ANSWER SECTION:
56.239.252.222.in-addr.arpa. 83651 IN PTR localhost.
...
Taking to one side the various RBL's which are catching these, and not
going the whole 'PTR must match' route - would it be practical to craft
a 10 point rule based on PTR = localhost? Is it even possible to build a
rule based upon DNS returns?
I have a rule like that in my sandbox. It's doing fairly well.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...to announce there must be no criticism of the President or to
stand by the President right or wrong is not only unpatriotic and
servile, but is morally treasonous to the American public.
-- Theodore Roosevelt, 1918
-----------------------------------------------------------------------
14 days until the 222nd anniversary of the signing of the U.S. Constitution
