[Mimedefang] MX -> 127.0.0.1
Matthew.van.Eerde at hbinc.com
Matthew.van.Eerde at hbinc.com
Mon Sep 12 17:11:19 EDT 2005
David F. Skoll wrote:
> Les Mikesell wrote:
>
>> Any MX of 127.0.0.1 is not only broken but malicious
>
> I would reject mail from a domain that does that.
So in principle...
sub filter_sender
{ ...
if ( any_illegal_mxs_for($sender) )
{
# Les-style
# let's defuse that bomb
action_discard(...);
# Matt-style
# let's throw the bomb back over the wall
action_reject(
"MX for $sender " .
"includes IP $bad_mx " .
"in illegal subnet $bad_subnet"
);
}
...
}
sub any_illegal_mxs_for($)
{
my $email = shift;
my $domain = domain_of($email);
my @mxs = mxs_for($domain);
for my $mx (@mxs)
{
if (is_illegal($mx))
{
$bad_mx = $mx;
return 1; # yup, there's at least one
}
}
return 0; # nope, they all check out
}
my @bad_subnets = (...);
sub is_illegal($)
{
my $ip = shift;
for my $subnet (@bad_subnets)
{
if (ip_in_subnet($ip, $subnet))
{
$bad_subnet = $subnet;
return 1; # yup, illegal
}
}
return 0; # nah, this ip is fine
}
--
Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902
Hispanic Business Inc./HireDiversity.com Software Engineer
More information about the MIMEDefang
mailing list