DNS-based whitelist
From: /dev/rob0 (rob0 gmx.co.uk)
Date: Sun Sep 26 2004 - 18:29:19 CDT
The last I saw this question come up in the list archives was February.
Apparently the only kind of IP- or host-based whitelisting that can be
done is in table lookups, not in DNS "RWL" (realtime white lists).
Is my understanding correct? I didn't see anything from Wietse on the
matter. I understand that DNS lookups are slower than hash or dbm, but
I'd think they would be faster than SQL or LDAP. Is DNS whitelisting a
rejected idea?
Digging back a bit further I saw this from Wietse:
http://archives.neohapsis.com/archives/postfix/2002-10/1889.html
"... RBL whitelists are fragile. If DNS breaks, your whitelist
won't tell you that a site is OK and mail may be lost."
Yes, but LDAP and SQL are at least as fragile ... and mistyped map
files can lose mail too ...
It's not important; for that matter I think a regexp or cidr table
would be easier to maintain on a single host. But DNS might be a nice
way to share and to propagate a whitelist among numerous hosts.
--
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header
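
The fragility described in the quoted remark, as an added example that is not part of the original message and is not Postfix code: a DNS whitelist lookup that separates "not listed" from "DNS is broken", and defers instead of rejecting when the whitelist cannot be consulted. The zone `wl.example.test`, the three result constants and the `decide` policy are assumptions of this sketch.

```python
import ipaddress
import socket

LISTED, NOT_LISTED, LOOKUP_FAILED = "listed", "not_listed", "lookup_failed"

# Resolver error codes that mean "no such record" rather than "DNS is broken".
_NO_RECORD = {socket.EAI_NONAME, getattr(socket, "EAI_NODATA", socket.EAI_NONAME)}


def dnswl_query_name(client_ip, zone):
    """IPv4 DNS list convention: reversed octets prepended to the list zone."""
    octets = str(ipaddress.IPv4Address(client_ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def dnswl_lookup(client_ip, zone, resolve=socket.gethostbyname):
    """Return LISTED, NOT_LISTED or LOOKUP_FAILED for one client address."""
    try:
        resolve(dnswl_query_name(client_ip, zone))
        return LISTED  # any A record in the zone means the client is listed
    except socket.gaierror as exc:
        return NOT_LISTED if exc.errno in _NO_RECORD else LOOKUP_FAILED
    except OSError:
        return LOOKUP_FAILED  # timeouts and other resolver errors


def decide(whitelist_result, later_check_rejects):
    """Combine the whitelist result with the verdict of the later checks.

    A failed lookup must not be read as "not listed": a client that is
    really whitelisted would then be rejected and its mail lost. Deferring
    (a 4xx reply) lets the sender retry once DNS is back.
    """
    if whitelist_result == LISTED or not later_check_rejects:
        return "permit"
    if whitelist_result == LOOKUP_FAILED:
        return "defer"
    return "reject"
```

`resolve` is injectable so the three outcomes can be exercised without network access; by default it uses the system resolver.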