Clunk Werclick wrote:
> On Thu, 2009-09-03 at 01:36 -0400, Sahil Tandon wrote:
>> On Thu, 03 Sep 2009, Clunk Werclick wrote:
>>
>>> I'm starting to see plenty of these and they are new to us:
>>>
>>> zgrep "address not listed" /var/log/mail.info
>>> Sep 3 05:26:59 ....: warning: 222.252.239.56: address not listed for
>>> hostname localhost
>>> dig -x 222.252.239.56
>>>
>>> ...
>>> ;; QUESTION SECTION:
>>> ;56.239.252.222.in-addr.arpa. IN PTR
>>>
>>> ;; ANSWER SECTION:
>>> 56.239.252.222.in-addr.arpa. 83651 IN PTR localhost.
>>> ...
>>>
>>> Taking to one side the various RBL's which are catching these, and not
>>> going the whole 'PTR must match' route - would it be practical to craft
>>> a 10 point rule based on PTR = localhost? Is it even possible to build a
>>> rule based upon DNS returns?
>>>
>>> Forgive the stupidity of the question, but I'm not sure how to, or even
>>> if it can be implemented?
>> If you reject mail that scores >= 10, then you could accomplish this before
>> mail even gets to SA. Since you appear to be using Postfix, you could
>> experiment with check_reverse_client_hostname_access, which is available in
>> Postfix 2.6 and later.
> Thank you Sahil. It's a job for Postfix (when I get around to 2.6)
> because......
>> For a general primer on what you can (and cannot) do
>> with respect to SA rules, the following page might be useful:
>>
>> http://wiki.apache.org/spamassassin/WritingRules
> .... this gives no hint to crafting rules on DNS status - which is as I
> thought, hence the question in the first instance.
>> --

I think I have posted something on this not too long ago on the postfix list.

check_helo_access hash:/etc/postfix/access_host
check_reverse_client_hostname_access hash:/etc/postfix/access_host

== access_host:
localhost       REJECT Bogus PTR
localdomain     REJECT Bogus PTR
.localdomain    REJECT Bogus PTR
.lan            REJECT Bogus PTR
....
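
An added illustration, not part of the thread and not Postfix code: a Python sketch that pulls the PTR name out of "address not listed" warnings and looks it up in the access_host table. It follows the access(5) rule that a bare `domain` entry covers subdomains only while `smtpd_access_maps` is listed in `parent_domain_matches_subdomains` (the default), and a `.domain` entry only when it is not. The function names are hypothetical, and every log line except the thread's own IP and PTR is constructed.

```python
import re

# access_host entries from the reply above, as pattern -> action.
ACCESS_HOST = {
    "localhost": "REJECT Bogus PTR",
    "localdomain": "REJECT Bogus PTR",
    ".localdomain": "REJECT Bogus PTR",
    ".lan": "REJECT Bogus PTR",
}

# Warning format as quoted in the thread: client IP, then the unverified PTR name.
WARN = re.compile(r"warning: (\S+): address not listed for hostname (\S+)")

def access_lookup(hostname, table, parent_matches_subdomains=True):
    """Approximate the access(5) hostname search: exact name, then parent domains."""
    name = hostname.rstrip(".").lower()
    if name in table:
        return table[name]
    labels = name.split(".")
    for i in range(1, len(labels)):
        parent = ".".join(labels[i:])
        # Bare parent keys apply in the default mode, dotted keys otherwise.
        key = parent if parent_matches_subdomains else "." + parent
        if key in table:
            return table[key]
    return None

def audit(log_lines, table, **kw):
    """Return (client_ip, ptr_name, action_or_None) for each warning line."""
    hits = []
    for line in log_lines:
        m = WARN.search(line)
        if m:
            ip, ptr = m.groups()
            hits.append((ip, ptr, access_lookup(ptr, table, **kw)))
    return hits

# Constructed sample log (host name, PIDs and the last three clients are made up).
SAMPLE_LOG = [
    "Sep 3 05:26:59 mx postfix/smtpd[2101]: warning: 222.252.239.56: address not listed for hostname localhost",
    "Sep 3 05:27:10 mx postfix/smtpd[2102]: warning: 192.0.2.10: address not listed for hostname pc7.office.lan",
    "Sep 3 05:27:31 mx postfix/smtpd[2103]: warning: 198.51.100.7: address not listed for hostname host.localdomain",
    "Sep 3 05:28:02 mx postfix/smtpd[2104]: warning: 203.0.113.5: address not listed for hostname mail.example.org",
    "Sep 3 05:28:40 mx postfix/smtpd[2104]: disconnect from unknown[203.0.113.5]",
]

if __name__ == "__main__":
    for mode in (True, False):
        print("parent_matches_subdomains =", mode)
        for row in audit(SAMPLE_LOG, ACCESS_HOST, parent_matches_subdomains=mode):
            print("   ", row)
```

With the default setting the `.lan` entry never fires for `pc7.office.lan`; a bare `lan` key would be needed, which is why the table carries both `localdomain` and `.localdomain`.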