[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RBLs and TXT RRs

To: Mariano Absatz <zmailer@lists.com.ar>
Subject: Re: RBLs and TXT RRs
From: Matti Aarnio <mea@nic.funet.fi>
Date: Thu, 6 Nov 2003 23:46:41 +0200
Cc: ZMailer list <zmailer@nic.funet.fi>
In-Reply-To: <3FAA777D.28028.4BDBB42@localhost>; from zmailer@lists.com.ar on Thu, Nov 06, 2003 at 04:31:57PM -0300
Original-Recipient: rfc822;zmailer-log@nic.funet.fi
References: <20031016004116.C21101@nic.funet.fi>; <20031106204919.B25100@nic.funet.fi> <3FAA777D.28028.4BDBB42@localhost>
Sender: zmailer-owner@nic.funet.fi

On Thu, Nov 06, 2003 at 04:31:57PM -0300, Mariano Absatz wrote:
> I only have a test setup on a production server where I only "log"
> (not reject).

Ok.   The thing is constructed only to use the  state->rblmsg  string
in cases where there is   "test-rcpt-dns-rbl +"  pair in the  _rbl1
ruleset.  Otherwise it is silently ignored.

Indeed the system isn't equipped to LOG the text at all.
In  smtpserver/policytest.c  there are two calls to   rbl_dns_test()
and the second one of those is the one you are interested.

> The portion of smtp-policy.src looks like:
> ======================================================================
> .             relaycustomer - relaytarget - senderokwithdns + = _rbl1
> [0.0.0.0]/0   relaycustomer - relaytarget - senderokwithdns + = _rbl0
> # log open proxies
> _rbl0   rcpt-dns-rbl    pss.spambusters.org.ar
> _rbl1       # but don't reject
> ======================================================================

Right...   

> Now, in my smtpserver log, I have:
> Looking up DNS A object: 153.62.47.200.pss.spambusters.org.ar
> (for non-found addresses) and
> Looked up DNS A object: 12.55.232.24.relays.ordb.org -> 127.0.0.2
> (for found addresses).
> 
> Now, If I manually do:
> # host -t txt 12.55.232.24.relays.ordb.org
> 12.55.232.24.relays.ordb.org descriptive text "This mail was handled by \ 
>     an open relay - please visit \
>     <http://ORDB.org/lookup/?host=24.232.55.12>"

Odd..  The code in   smtpserver/mxverify.c: dnsmxlookup()  does
something odd, and strips last character of that...  Ah, I see,
better to err that way, anyway.

> It'd be nice to be able to put the content of this record in a rejection:
> 550 5.7.1 This mail was handled by an open relay - please visit \
>     <http://ORDB.org/lookup/?host=24.232.55.12>

It will be (for RCPT TO line) if there is proper attribute pair.

> but the TXT RR is never queried (and thus, nor even logged)...

It is queried, but not logged.
Well, at least until I commit my current edit :-)

... 
> Mariano Absatz
-- 
/Matti Aarnio	<mea@nic.funet.fi>
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi

References:
- Re: RBLs and TXT RRs
  - From: Matti Aarnio <mea@nic.funet.fi>
- Re: RBLs and TXT RRs
  - From: Matti Aarnio <mea@nic.funet.fi>
- Re: RBLs and TXT RRs
  - From: "Mariano Absatz" <zmailer@lists.com.ar>

Prev by Date: Re: spamassassin
Next by Date: Re: RBLs and TXT RRs
Prev by thread: Re: RBLs and TXT RRs
Next by thread: Re: RBLs and TXT RRs
Index(es):
- Date
- Thread