[Mimedefang] how to undo Verisigns mess

John Rowan Littell littejo at earlham.edu
Tue Sep 16 10:54:01 EDT 2003


This may sort itself out, we shall see.  In the meantime, for those
that want to reject messages that have senders with addresses that are
wildcard TLDs, the following code snippet should work.  Note -- you'll
need to have the Net::DNS module installed.  Put the routine in your
standard filter and have $resolver as a global variable (so you don't
have to set up a new resolver for every check).  Call
domain_is_wildcard($Sender) from an appropriate place (like, say,
filter_begin()), and reject.

What the code does: it splits off the TLD of the $Sender address and
the second level domain as well.  It does A lookups on *.tld and
domain.tld.  If the results match, then it assumes that the domain is
a wildcard domain.  If either of the lookups fails ($wildcard_ip or
$domain_ip is undefined), then it assumes that the domain is not a
wildcard.  This ought to work for *any* TLD that uses wildcards, not
just .com/.net.  It won't work for subdomains that are wildcards
(e.g., "*.example.com").

Suggestions for improvement are welcome.  I've tested this on a test
box with success; I have not put it into production on my main domain
yet.

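#########################################
use Net::DNS;
my $resolver;			# Net::DNS resolver object, reused across calls

# Returns 1 if domain.tld of the given address resolves to the same A
# record as *.tld, 0 otherwise (including when either lookup fails).
sub domain_is_wildcard($) {
	my ($address) = $_[0];
	my ($tld, $domain, $wildcard);
	my ($query, $domain_ip, $wildcard_ip);

	if (!defined $resolver) {
		$resolver = Net::DNS::Resolver->new;
	}

	# Strip surrounding angle brackets, if present, so the
	# end-anchored patterns below can match
	$address =~ s/^<//;
	$address =~ s/>$//;
	return 0 unless length $address;	# nothing to look up

	# Split off ".tld" and "domain.tld"; labels may contain hyphens
	$tld = $domain = $address;
	$tld =~ s/.*(\.[\w-]+)$/$1/;
	$domain =~ s/.*[\@\.]([\w-]+\.[\w-]+)$/$1/;
	$wildcard = "*$tld";

	# A lookup on domain.tld (the last A record in the answer is kept)
	$query = $resolver->query ($domain, "A");
	if ($query) {
		foreach my $rr ($query->answer) {
			next unless $rr->type eq "A";
			$domain_ip = $rr->address;
		}
	}
	# A lookup on *.tld
	$query = $resolver->query ($wildcard, "A");
	if ($query) {
		foreach my $rr ($query->answer) {
			next unless $rr->type eq "A";
			$wildcard_ip = $rr->address;
		}
	}

	# Wildcard only if both lookups succeeded and the addresses match
	if (defined $wildcard_ip &&
		defined $domain_ip &&
		$domain_ip eq $wildcard_ip) {
		return 1;
	} else {
		return 0;
	}
}
#########################################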

  --rowan

-- 
John "Rowan" Littell
Systems Administrator
Earlham College Computing Services
http://www.earlham.edu/~littejo/
2003-09-16 09:39
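
An added example, not part of the original post: the comparison described above, run against a constructed stub resolver so the decision logic can be exercised without live DNS. It compares the full sets of A records rather than a single address; `stub_lookup`, `is_wildcard_sender` and the `.test`/`.example` zone data are hypothetical names and constructed values.

```perl
use strict;
use warnings;

# Constructed data standing in for DNS (documentation address ranges).
my %REGISTERED = ( 'real-site.test' => ['198.51.100.7'] );
my %WILDCARD   = ( 'test' => ['192.0.2.10', '192.0.2.11'] );  # *.test exists

# Hypothetical lookup hook: A records for a name, empty list on failure.
# Any unregistered name under a wildcarded TLD gets the wildcard answer.
sub stub_lookup {
    my $name = lc shift;
    return @{ $REGISTERED{$name} } if $REGISTERED{$name};
    my ($tld) = $name =~ /\.([\w-]+)$/ or return ();
    return @{ $WILDCARD{$tld} || [] };
}

# Returns 1 if domain.tld and *.tld have the same non-empty set of A records.
sub is_wildcard_sender {
    my ($address, $lookup) = @_;
    $address =~ s/^<|>$//g;                      # envelope form <user@host>
    my ($domain, $tld) = $address =~ /(?:^|[\@.])([\w-]+(\.[\w-]+))$/
        or return 0;                             # no domain.tld to test
    my @d = sort { $a cmp $b } $lookup->($domain);
    my @w = sort { $a cmp $b } $lookup->("*$tld");
    return 0 unless @d && @w;                    # a failed lookup: not a wildcard
    return "@d" eq "@w" ? 1 : 0;
}

# Constructed senders: wildcard hit, registered domain reached through a
# subdomain, a TLD without a wildcard, and the null sender.
for my $sender ('<spam@no-such-name.test>', 'user@mail.real-site.test',
                'user@no-such-name.example', '<>') {
    printf "%-28s %s\n", $sender,
        is_wildcard_sender($sender, \&stub_lookup) ? 'wildcard' : 'ok';
}
```

In a real filter the lookup hook would wrap the Net::DNS resolver query and return the addresses of the A records in the answer.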