develooper Front page | perl.qpsmtpd | Postings from March 2006

Re: dnsbl or spamhaus occassionally blocks wrong IP

Thread Previous | Thread Next
Peter J. Holzer
March 14, 2006 14:12
Re: dnsbl or spamhaus occassionally blocks wrong IP
Message ID:
On 2006-03-14 22:29:33 +0100, Peter J. Holzer wrote:
> My expectation was wrong. As Sidney Markowitz in
> points
> out:
> | Net::DNS can't use the ID field to ensure that a bgread matches up with
> | a bgsend unless it cached every socket returned by bgsend in order to
> | save the ID in a hash with it.
> So the matching has to be done by the application. We don't actually
> have to check the ID (although we probably should to avoid spoofed
> responses), but we should at least check if the name in the request
> matches the name in the query. (currently the name is only extracted to
> find out which rbl this was)

Here is a first patch. It checks only if the name(s) in the answer
section match the name(s) in the queries. It doesn't try to match IDs.
I think that is acceptable in this case, as presumably qpsmtpd and the
nameserver are behind the same firewall or even on the same host.


   _  | Peter J. Holzer    | Ich sehe nun ein, dass Computer wenig
|_|_) | Sysadmin WSR       | geeignet sind, um sich was zu merken.
| |   |         |
__/   | |	-- Holger Lembke in dan-am

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About