[Mimedefang] Leveraging rfc-ignorant.org
Jan-Pieter Cornet
johnpc at xs4all.nl
Mon Jun 9 16:43:06 EDT 2008
On Sun, Jun 08, 2008 at 09:54:01PM +0200, Andrzej Adam Filip wrote:
> >> Consider blocking in replies to "RCPT TO:" so you can exclude some
> >> destination addresses from the check (e.g. postmaster and abuse).
> >
> > Well, I'm figuring that if they were doing "postmaster" and "abuse"
> > properly, they wouldn't be listed in rfc-ignorant.org to begin with,
> > right?
rfc-ignorant.org is about not *receiving* mails to postmaster/abuse.
(among others)
> I suggest to allow contacting postmaster at your.domain so delivery
> (blocking) "issues" can be solved without using phone/fax.
>
> Do expect false positives with *ANY* DNSBL.
Especially with rfc-ignorant :) See
http://lists.roaringpenguin.com/pipermail/mimedefang/2004-September/024641.html
etc
That said, if you have a "toy" domain, you can usually get away with
it, blocking everything even to postmaster/abuse. If you're somewhat
more serious about your domain, you should allow for some reasonable
fallback (that doesn't require jump-through-hoops web stuff).
To answer your original question: since rfc-ignorant is domain-based,
you cannot use the md_relay_is_blacklisted functions. So you'll have
to roll your own, but it's pretty trivial. Eg:
sub filter_recipient {
my ($recipient, $sender, $ip, $hostname, $first, $helo,
$rcpt_mailer, $rcpt_host, $rcpt_addr) = @_;
if ( $sender =~ /\@([\w.-]+)$/ ) {
my $sender_domain = $1;
if ( gethostbyname("$sender_domain.whois.rfc-ignorant.org") ) {
return('REJECT', "$sender_domain is RFC-ignorant");
}
}
return('CONTINUE', 'OK');
}
(note: untested!)
--
Jan-Pieter Cornet <johnpc at xs4all.nl>
!! Disclamer: The addressee of this email is not the intended recipient. !!
!! This is only a test of the echelon and data retention systems. Please !!
!! archive this message indefinitely to allow verification of the logs. !!
More information about the MIMEDefang
mailing list