[Mimedefang] $RelayHostname not matchingsendmail's Receivedheader?

John Rudd john at rudd.cc
Wed Dec 6 14:32:57 EST 2006


Michael Sims wrote:
> John Rudd wrote:
>> Michael Sims wrote:
>>>  No biggie, my Net::DNS solution is working fine so I'll stick with
>>> that for now. 
>> What exactly is it that you're trying to do?
> 
> Get the PTR for the connecting relay, even if the forward and reverse lookups don't match.  Apparently $RelayHostname only contains the PTR if they do match.  Currently I'm checking for this and using Net::DNS to get the PTR myself if necessary...
> 

That part I could figure out.

I meant "what are trying to accomplish once you have that PTR record"?


Are you going to do something similar to what my Botnet SpamAssassin 
plugin does?  Botnet was based on code I had actually written into my 
mimedefang-filter ... and I could share that code with anyone trying to 
produce the same result.


Botnet looks to verify that:

a) the relay has a PTR record at all
b) optional: the hostname in the PTR record resolves, and resolves back 
to the IP address that you're talking to
c) the hostname doesn't contain 2 or more octets of its IP address in 
hex or decimal form
d) the hostname doesn't contain certain "client like" keywords (dsl, 
dynamic, dialup, etc.)
e) (in Botnet, but not in my mimedefang version) will exempt c & d if 
the hostname does contain certain "sever like" keywords.


Right now, I use Botnet instead of my old mimedefang code.





More information about the MIMEDefang mailing list