[69608] in North American Network Operators' Group
Re: SORBS Insanity
daemon@ATHENA.MIT.EDU (Joe Maimon)
Thu Apr 15 09:03:25 2004
Date: Thu, 15 Apr 2004 09:02:47 -0400
From: Joe Maimon <jmaimon@ttec.com>
To: Matthew Sullivan <matthew@sorbs.net>
Cc: nanog <nanog@merit.edu>
In-Reply-To: <407E8055.7020902@sorbs.net>
Errors-To: owner-nanog-outgoing@merit.edu
Matthew Sullivan wrote:
>
> <snip>
> You will note my post before Christmas about the up and coming
> whitelisting mechanism - I am still collecting details for people
> wanting to use it - unfortunately for a variety of reasons the
> whitelisting mechanism is still not ready to go public.
>
> Yours
>
> Matthew
>
>
Speaking about whitelisting....comp.mail.sendmail google
link...Reproduced below..
http://groups.google.com/groups?q=sendmail+whitelist+dns&hl=en&lr=&ie=UTF-8&oe=UTF-8&c2coff=1&selm=ac4e9990.0311250514.65c4e614%40posting.google.com&rnum=9
Hello all,
I was wondering if any of you use *dns* lists for whitelisting purposes.
I have found a couple of whitelists online (bondedsenders) and their
m4 was far from satisfactory. I have found that the below (trivial)
modification to dnsblaccess.m4 allows me to specify that a specific
return value from the access map will *whitelist* the connection.
Has anyone gone in this direction before?
Joe M
--- dnsblaccess.m4 Sun May 19 17:30:06 2002
+++ /usr/lib/*sendmail*-cf/hack/dnsblaccess.m4 Tue Nov 18 08:03:14
2003
@@ -90,5 +90,6 @@
R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
R<ERROR:$+> $* $#error $: $1
R<DISCARD> $* $#discard $: discard
+R<*WHITELIST*> $* $#OK
R<$*> $* $#error $@ 5.7.1 $: _EDNSBL_MSG_
divert(-1)
