DNSBL to policy bank

Patrick Ben Koetter p at sys4.de
Sat Feb 20 07:23:17 CET 2016


please find our DNSBL to policy bank patch attached.

The purpose of this patch is to query a (local) DNSBL service for a given IP
address and let amavis add the IP to a policy bank if the IP was listed on
that DNSBL list.

This is how we use it:

@client_ipaddr_policy = (
        Amavis::Lookup::DNSBL::read_dns(qw(, {port=>53, tcp_timeout=>1, udp_timeout=>1, persistent_udp=>1, persistent_tcp=>1}, "%a.dnswl.csa",[qw(]) => 'CSA',
        [qw( [::] [::1] )] => 'LOCALHOST',
        \@mynetworks => 'MYNETS'

In the example above read_dns configures amavis to connect to a DNS service on amavis will query for a record constructed from the clients IP
address '%a' and the domainpart ".dnswl.csa". If the DNS service replies either or amavis should apply the settings configured in a CSA

We use this feature to excempt particular IPs from SPAM scanning in a large
SMTP cluster, where it is easier to provide the IP list via DNS instead of
pushing a CIDR out to all scan nodes.

We find this feature quite useful to and I hope you will add it to amavis.


p at rick

[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: policybank_by_dnsxl.patch
Type: text/x-diff
Size: 2010 bytes
Desc: not available
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20160220/ba895b3c/attachment.patch>

More information about the amavis-users mailing list