[Mimedefang] Forged Sender Checking
Lucas Albers
admin at cs.montana.edu
Sat Jan 3 03:56:27 EST 2004
Jeremy Mates said:
Your code is awesome.
Implemented it on my server, and it appears to be working great!
Always interesting to see how people do things slightly differently,
code-wise.
Seems to add 3-4 seconds on a mail delivery.
So I greylist and then do a email_is_forged lookup.
made some minor improvements to your code:
adding logging if dns lookups fail.
added timeout on dns lookups.
sub email_is_forged {
my ($sender, $ip) = @_;
my $timeout = 1;
my ($domain) = $sender =~ /\@([\w.-]+)[>.]*$/;
return 0 unless exists $forged_domains{$domain};
my $mx = $dns->query($domain, 'MX');
# TODO if no MX use the A of domain
if (!($mx)){
md_syslog('warning',"email_is_forged,query failed: $res->errorstring
\n");
}
return 0 unless $mx;
for my $rr ($mx->answer) {
next unless $rr->type eq 'MX';
my ($result, $msg) =
md_check_against_smtp_server('<>',
$sender, 'cs.montana.edu', $rr->exchange);
next if $result eq 'TEMPFAIL';
return ($result eq 'REJECT' ? 1 : 0);
}
return 0;
}
--
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana
More information about the MIMEDefang
mailing list