From: Erik Aronesty (erikzoneedit.com)
Date: Mon Mar 04 2002 - 10:41:39 CST

    Did you look at the other one?

    http://home.pages.de/~mandree/postfix/

    - Erik

    ----- Original Message -----
    From: "Will Day" <willdayrom.oit.gatech.edu>
    To: "Postfix list" <postfix-userspostfix.org>
    Sent: Saturday, March 02, 2002 3:20 AM
    Subject: rhsbl patch

    I've been playing with the rhsbl patch:

    http://www-dt.e-technik.uni-dortmund.de/~ma/postfix/patch-postfix-1.1.0-rhsbl-0.1.context.diff

    and I ran into a few issues with it. In particular:
     - It checks client domain/subdomains instead of sender domain/domains.
     - For multiple rhsbl_domains and multiple sender (sub)domains, sender
       subdomains are only checked against the first rhsbl_domain; my_strtok
       was leaving saved_domains null-terminated with only the first
       rhsbl_domain.
     - For multiple rhsbl_domains, it wasn't stopping on the first match; it
       instead returned the lookup status of last rhsbl_domain.

    In terms of the first, as best I can tell, RHSBL refers to the "right hand side"
    of the sender address. That is, it should be looking up the domains of the
    sender envelope address, not the domain names of the client host. At
    least, that's what I found from the mentions at:
       http://www.rfc-ignorant.org/how_to_domain.html
       http://www.declude.com/junkmail/support/ip4rinfo.htm
       http://www.megacity.org/software.html

    In terms of the last two, here's an example. Postfix config:

       rhsbl_domains =
            dsn.rfc-ignorant.org
            in.dnsbl.org
            rbl.hpgx.net
            bandwidth-pigs.monkeys.com

    DNS entries:

       ranchero.gatech.edu.rbl.hpgx.net. 261 IN A 127.0.0.2
       ranchero.gatech.edu.rbl.hpgx.net. 3565 IN TXT "test reject"

    SMTP dialog:

       220 crossbow.gatech.edu ESMTP
       mail from: <willdayrom.oit.gatech.edu>
       250 Ok
       rcpt to: <willday>
       250 Ok
       quit
       221 Bye

    Debug messages:

       reject_rhsbl: ranchero.gatech.edu
       reject_rhsbl: gatech.edu
       dns_query: ranchero.gatech.edu.dsn.rfc-ignorant.org (A): Host not found
       dns_query: ranchero.gatech.edu.in.dnsbl.org (A): Host not found
       dns_query: ranchero.gatech.edu.rbl.hpgx.net (A): OK
       dns_get_answer: type A for ranchero.gatech.edu.rbl.hpgx.net
       dns_query: gatech.edu.dsn.rfc-ignorant.org (A): Host not found
       generic_checks: name=reject_rhsbl status=0

    In any case, I reworked the patch a bit to try and address these, as well
    as renaming the options to mirror the existing "rbl" options, plus a few
    other minor changes. Here's an example of the result. Postfix config:

       maps_rhsbl_domains =
            dsn.rfc-ignorant.org
            in.dnsbl.org
            rbl.hpgx.net
            bandwidth-pigs.monkeys.com

    DNS entries:

       gatech.edu.rbl.hpgx.net. 3600 IN TXT "test reject"
       gatech.edu.rbl.hpgx.net. 300 IN A 127.0.0.2

    SMTP dialog:

       220 crossbow.gatech.edu ESMTP
       mail from: <willdayrom.oit.gatech.edu>
       250 Ok
       rcpt to: <willday>
       554 Service unavailable; Sender domain "gatech.edu" blocked using rbl.hpgx.net, reason: test reject
       quit
       221 Bye

    Debug messages:

       reject_maps_rhsbl: sender: willdayrom.oit.gatech.edu
       rhsbl_make_checklist: adding: rom.oit.gatech.edu
       rhsbl_make_checklist: adding: oit.gatech.edu
       rhsbl_make_checklist: adding: gatech.edu
       dns_query: rom.oit.gatech.edu.dsn.rfc-ignorant.org (A): Host not found
       dns_query: rom.oit.gatech.edu.in.dnsbl.org (A): Host not found
       dns_query: rom.oit.gatech.edu.rbl.hpgx.net (A): Host not found
       dns_query: rom.oit.gatech.edu.bandwidth-pigs.monkeys.com (A): Host not found
       dns_query: oit.gatech.edu.dsn.rfc-ignorant.org (A): Host not found
       dns_query: oit.gatech.edu.in.dnsbl.org (A): Host not found
       dns_query: oit.gatech.edu.rbl.hpgx.net (A): Host not found
       dns_query: oit.gatech.edu.bandwidth-pigs.monkeys.com (A): Host not found
       dns_query: gatech.edu.dsn.rfc-ignorant.org (A): Host not found
       dns_query: gatech.edu.in.dnsbl.org (A): Host not found
       dns_query: gatech.edu.rbl.hpgx.net (A): OK
       dns_get_answer: type A for gatech.edu.rbl.hpgx.net
       dns_query: gatech.edu.rbl.hpgx.net (TXT): OK
       dns_get_answer: type TXT for gatech.edu.rbl.hpgx.net
       reject: RCPT from ranchero.gatech.edu[130.207.165.122]: 554 Service unavailable; sender domain "gatech.edu" blocked using rbl.hpgx.net, reason: test reject; from=<willdayrom.oit.gatech.edu> to=<willday>
       generic_checks: name=reject_maps_rhsbl status=2

    I'm attaching the new patch here (against postfix-1.1.4).

    --
    Will Day                  Those who would give up essential Liberty, to
    rom.oit.gatech.edu        purchase a little temporary Safety, deserve neither
    O&E / Tech Support        Liberty nor Safety.
    UNIX System Programmer      - Benjamin Franklin, Penn. Assembly, Nov. 11, 1755
      -> Opinions expressed are mine alone and do not reflect OIT policy <-
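
The lookup order described in the quoted message (envelope sender domain and each parent, every list zone for each, stop on the first hit), as an added example that is not Will Day's patch or Postfix source. `rhsbl_check`, `fake_dns_listed` and the `user@` address are hypothetical; the DNS answer is a constructed stand-in for the one listed name shown in the post.

```c
#include <stdio.h>
#include <string.h>

#define SEP " ,\t\r\n"

static int lookup_count;                /* A queries issued so far */

/* Constructed stand-in for the DNS A lookup: one listed name, as in the post. */
static int fake_dns_listed(const char *qname)
{
    lookup_count++;
    return strcmp(qname, "gatech.edu.rbl.hpgx.net") == 0;
}

/* Returns 1 and fills hit_domain/hit_zone on the first listing, else 0. */
int rhsbl_check(const char *sender, const char *zones,
                char *hit_domain, char *hit_zone, size_t len)
{
    const char *at = strrchr(sender, '@');
    const char *dom, *z;
    char qname[512];
    size_t n;

    if (at == NULL)
        return 0;                       /* null sender: nothing to look up */
    /* Walk the envelope sender's domain and its parents down to two labels. */
    for (dom = at + 1; strchr(dom, '.') != NULL; dom = strchr(dom, '.') + 1) {
        /* Scan the zone list read-only, so every domain sees every zone. */
        for (z = zones + strspn(zones, SEP); *z != '\0';
             z += n + strspn(z + n, SEP)) {
            n = strcspn(z, SEP);
            snprintf(qname, sizeof(qname), "%s.%.*s", dom, (int) n, z);
            if (fake_dns_listed(qname)) {       /* stop on the first match */
                snprintf(hit_domain, len, "%s", dom);
                snprintf(hit_zone, len, "%.*s", (int) n, z);
                return 1;
            }
        }
    }
    return 0;
}

int main(void)
{
    char dom[256], zone[256];
    const char *zones = "dsn.rfc-ignorant.org in.dnsbl.org rbl.hpgx.net "
                        "bandwidth-pigs.monkeys.com";

    if (rhsbl_check("user@rom.oit.gatech.edu", zones, dom, zone, sizeof(dom)))
        printf("554 sender domain \"%s\" blocked using %s (%d lookups)\n",
               dom, zone, lookup_count);
    return 0;
}
```

Because the zone list is scanned with `strspn`/`strcspn` rather than a tokenizer that writes terminators into it, the list is still intact when the second and third sender domains are checked.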
    
