[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Exclude IP or mailserver name from rbl lookup

To: "Daryle A. Tilroe" <daryle@micralyne.com>
Subject: Re: Exclude IP or mailserver name from rbl lookup
From: Matti Aarnio <mea@nic.funet.fi>
Date: Fri, 2 May 2003 10:23:53 +0300
Cc: zmailer@nic.funet.fi
In-Reply-To: <3EB17BC5.4000701@micralyne.com>; from daryle@micralyne.com on Thu, May 01, 2003 at 01:55:49PM -0600
Original-Recipient: rfc822;"|/home/httpd/zmailer/html/mhalist/input.sh"
References: <NBBBKPODAGKMCHCPIADOOEJPLCAA.Neal@Morgan-Systems.com> <3EB17BC5.4000701@micralyne.com>
Sender: zmailer-owner@nic.funet.fi

Good morning.

On Thu, May 01, 2003 at 01:55:49PM -0600, Daryle A. Tilroe wrote:
> I am pretty sure this is a dumb question but I don't quite
> have time right now to figure it out right now.  I quickly
> tried a line like:
> 
> mail.excludefromrbl.com          relaycustomer - relaytarget - senderokwithdns + = _rbl1
> 
> but it didn't work.  So what is the correct way given a
> mailserver name or ip address to exclude it from an
> rbl lookup?

I usually list my priority serviced customer networks/hosts
with IP address/net literals in   smtp-policy.relay   file.
Those will never get RBL lookups.  Often they don't get
any other verifications either.

  http://www.zmailer.org/cgi-bin/cvsweb.cgi/~checkout~/zmailer/proto/db/smtp-policy.relay?rev=1.2&content-type=text/plain

In theory the smtpserver does support also domain names
in the  smtp-policy.relay   but it does not do fully paranoid
reverse and forward name lookups -- only reverses..

Another thing is more generic problem in the policy code.
It was written with quite simple environment in mind, and
among other things, its internal logic isn't quite all
that flexible.   One can list same domain names in  .relay
and  .mx   file,  for example,  and the end result is
that the latter does not work as intended after the policy
compiler goes thru the files.

How could we separate domain names in:
  - IP-reversal
  - helo-parameter
  - mail from
  - rcpt to
?

I have thought of adding some prefix, a'la:
   R:mail.excludefromrbl.com
   H:mail.another.com
   F:source.com
   T:target.com
and possibly
   *:any-of-above.com
Adding the 'R:' on IP address literals is a bit crazy, but
it being sourced from  .relay  file...

This way e.g.  .relay   and  .mx  files could separate themselves
in the produced policy dataset.

Hmm...  and at the  .relay  file we can give "postmaster" type
addresses to whom the email must always go thru...
That "T:" prefix feels all the more interesting for those entries.
The processor script (policy-builder) must handle lines without
any prefix (add a default for that file), as well as lines with
a prefix (not add any).

> For reference I am using:
> .                       relaycustomer - relaytarget - senderokwithdns + = _rbl1
> [0.0.0.0]/0             relaycustomer - relaytarget - senderokwithdns + = _rbl0
> AND
> #| Second RBL variant: Early block with RBL+DUL+RSS
> _rbl0          test-dns-rbl  bl.spamcop.net:sbl.spamhaus.org:relays.ordb.org:rbl-plus.mail-abuse.org
> _rbl1          # Nothing at late phase
> 
> -- 
> Daryle A. Tilroe

-- 
/Matti Aarnio	<mea@nic.funet.fi>
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi

Follow-Ups:
- Re: Exclude IP or mailserver name from rbl lookup
  - From: "Daryle A. Tilroe" <daryle@micralyne.com> (Fri, 2 May 2003 18:13:01 +0300)

References:
- RE: rough zmailer treatment on .forward expansion
  - From: "Neal Morgan" <Neal@Morgan-Systems.com>
- Exclude IP or mailserver name from rbl lookup
  - From: "Daryle A. Tilroe" <daryle@micralyne.com>

Prev by Date: Re: Exclude IP or mailserver name from rbl lookup
Next by Date: Re: Exclude IP or mailserver name from rbl lookup
Prev by thread: Re: Exclude IP or mailserver name from rbl lookup
Next by thread: Re: Exclude IP or mailserver name from rbl lookup
Index(es):
- Date
- Thread