DNSBL to policy bank
Patrick Ben Koetter
p at sys4.de
Sat Feb 20 07:23:17 CET 2016
Mark,
please find our DNSBL to policy bank patch attached.
The purpose of this patch is to query a (local) DNSBL service for a given IP
address and let amavis add the IP to a policy bank if the IP was listed on
that DNSBL list.
This is how we use it:
@client_ipaddr_policy = (
Amavis::Lookup::DNSBL::read_dns(qw(127.0.0.1), {port=>53, tcp_timeout=>1, udp_timeout=>1, persistent_udp=>1, persistent_tcp=>1}, "%a.dnswl.csa",[qw(127.0.0.50 127.0.0.2)]) => 'CSA',
[qw( 0.0.0.0/8 127.0.0.1/32 [::] [::1] )] => 'LOCALHOST',
\@mynetworks => 'MYNETS'
);
In the example above read_dns configures amavis to connect to a DNS service on
127.0.0.1. amavis will query for a record constructed from the clients IP
address '%a' and the domainpart ".dnswl.csa". If the DNS service replies either
127.0.0.50 or 127.0.0.2 amavis should apply the settings configured in a CSA
policy_bank.
We use this feature to excempt particular IPs from SPAM scanning in a large
SMTP cluster, where it is easier to provide the IP list via DNS instead of
pushing a CIDR out to all scan nodes.
We find this feature quite useful to and I hope you will add it to amavis.
Regards
p at rick
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: policybank_by_dnsxl.patch
Type: text/x-diff
Size: 2010 bytes
Desc: not available
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20160220/ba895b3c/attachment.patch>
More information about the amavis-users
mailing list