[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Exclude IP or mailserver name from rbl lookup

Good morning.

On Thu, May 01, 2003 at 01:55:49PM -0600, Daryle A. Tilroe wrote:
> I am pretty sure this is a dumb question but I don't quite
> have time right now to figure it out right now.  I quickly
> tried a line like:
> mail.excludefromrbl.com          relaycustomer - relaytarget - senderokwithdns + = _rbl1
> but it didn't work.  So what is the correct way given a
> mailserver name or ip address to exclude it from an
> rbl lookup?

I usually list my priority serviced customer networks/hosts
with IP address/net literals in   smtp-policy.relay   file.
Those will never get RBL lookups.  Often they don't get
any other verifications either.


In theory the smtpserver does support also domain names
in the  smtp-policy.relay   but it does not do fully paranoid
reverse and forward name lookups -- only reverses..

Another thing is more generic problem in the policy code.
It was written with quite simple environment in mind, and
among other things, its internal logic isn't quite all
that flexible.   One can list same domain names in  .relay
and  .mx   file,  for example,  and the end result is
that the latter does not work as intended after the policy
compiler goes thru the files.

How could we separate domain names in:
  - IP-reversal
  - helo-parameter
  - mail from
  - rcpt to

I have thought of adding some prefix, a'la:
and possibly
Adding the 'R:' on IP address literals is a bit crazy, but
it being sourced from  .relay  file...

This way e.g.  .relay   and  .mx  files could separate themselves
in the produced policy dataset.

Hmm...  and at the  .relay  file we can give "postmaster" type
addresses to whom the email must always go thru...
That "T:" prefix feels all the more interesting for those entries.
The processor script (policy-builder) must handle lines without
any prefix (add a default for that file), as well as lines with
a prefix (not add any).

> For reference I am using:
> .                       relaycustomer - relaytarget - senderokwithdns + = _rbl1
> []/0             relaycustomer - relaytarget - senderokwithdns + = _rbl0
> #| Second RBL variant: Early block with RBL+DUL+RSS
> _rbl0          test-dns-rbl  bl.spamcop.net:sbl.spamhaus.org:relays.ordb.org:rbl-plus.mail-abuse.org
> _rbl1          # Nothing at late phase
> -- 
> Daryle A. Tilroe

/Matti Aarnio	<mea@nic.funet.fi>
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi