hnbl - HostName BlackList: Check DNS name of host against a list of regex's
Version 2
o Checks hostname (or lack of) at the connect stage and leaves 'notes'.
o During RCPT stage, if a bad host or bare IP was found, logs the intended
receiver, sender, and sender IP and returns:
o DECLINED if tcpserver defined $ENV{RELAYCLIENT} so POP-before-SMTP
authentication still works.
o DECLINED if $ENV{KNOWNIP} is defined by tcpserver
o DECLINED names that match any regex in 'notbadmailfromhost'
o DENYSOFT hosts with no reverse DNS
o DENY hosts with names that match any regex in 'badmailfromhost'
o SMTP error message includes $errormail so legit senders have a path to
get themselves whitelisted
The excessive logging is because I want to be able to do some stats after the fact.
o Copy the script into your qpsmtpd/plugins directory. o Edit the $errormail variable to something "open" you can check like a yahoo or hotmail account. (script should not run as-is, unescaped @) o Add to 'config/plugins'. I put mine after require_resolvable_fromhost, seems to work ok o Add bad regex's to 'config/badmailfromhost'. o Add not bad regex's to 'config/notbadmailfromhost'.
Kill more spammers
Frank Johnson <ratty at they.org>