Registrar Barrier DNS List
From Computer Tyme Support Wiki
(→Other DNS Lists) |
|||
| Line 52: | Line 52: | ||
= Other DNS Lists = | = Other DNS Lists = | ||
| - | Junk Email Filter produces a number of other lists that return information about host names. | + | Junk Email Filter produces a number of other lists that return information about host names. |
== Free Mail Domains List == | == Free Mail Domains List == | ||
| + | |||
| + | These are a list of host names of provider of free email accounts that are often used for fraud scams. The list includes names like yahoo.com, hotmail.com, gmail.com. This is not a block list. It is used to determine if the account used comes from a freemail provider. | ||
| + | |||
| + | Usage: | ||
| + | |||
| + | dig yahoo.com.freemaildomains.junkemailfilter.com | ||
| + | |||
| + | For example. Spammers sometimes send email from a hotmail.com account and have the reply-to set to a gmail.com account. That way when the sender gets shut down for spamming the reply-to still works. | ||
| + | |||
| + | Here's an example of an Exim rule to block this. | ||
| + | |||
| + | |||
== ISP Hosts List == | == ISP Hosts List == | ||
== HELO Match List == | == HELO Match List == | ||
Revision as of 13:49, 26 May 2008
Contents |
DNS Lookup to Separate the domain part of a hostname
This DNS lookup helps you find the main domain part (Registrar Barrier) of a hostname. Sometimes it is reffered to as two level TLDs and three level TLDs. Lookups are accomplished through DNS calls as follows:
dig perkel.com.rb.junkemailfilter.com - returns 127.0.0.1 dig perkel.co.uk.rb.junkemailfilter.com - returns 127.0.0.2 dig perkel.state.ca.us.rb.junkemailfilter.com - returns 127.0.0.3
This is a service of Junk Email Filter dot com. One of many technologies used in advanced email filtering.
Exim Configuration
If you are running Exim you can use this as follows:
# This example calls rb_resolve as an ACL subroutine setting acl_c_sender_host_domain # from $acl_c_rb_result. Using the acl subroutine allows you to extract the # registrar barrier part from and host string such as HELO. warn set acl_c_rb_query = $sender_host_name acl = rb_resolve set acl_c_sender_host_domain = $acl_c_rb_result
# ACL Subroutine that returns that registry barrier part of a string. The string is
# passed in acl_c_rb_query and returned in acl_c_rb_result.
# Example: mx.junkemailfilter.com returns junkemailfilter.com
rb_resolve:
# Separates the domain part of a hostname - ftp.perkel.com returns perkel.com
# DNS lookup returns 127.0.0.1 for single level domains
# DNS lookup returns 127.0.0.2 for two level domains
# DNS lookup returns 127.0.0.3 for three level domains
warn set acl_c_rb_result =
set acl_c_rb_query = ${lc:$acl_c_rb_query}
accept condition = ${if eq{$acl_c_rb_query}{}}
accept !dnslists = rb.junkemailfilter.com/$acl_c_rb_query
accept condition = ${if eq{$dnslist_value}{127.0.0.1}}
set acl_c_rb_result = ${sg{$acl_c_rb_query}{\N^(.*\.)?(.*\..*)$\N}{\$2}}
accept condition = ${if eq{$dnslist_value}{127.0.0.2}}
set acl_c_rb_result = ${sg{$acl_c_rb_query}{\N^(.*\.)?(.*\..*\..*)$\N}{\$2}}
accept condition = ${if eq{$dnslist_value}{127.0.0.3}}
set acl_c_rb_result = ${sg{$acl_c_rb_query}{\N^(.*\.)?(.*\..*\..*\..*)$\N}{\$2}}
accept
Other DNS Lists
Junk Email Filter produces a number of other lists that return information about host names.
Free Mail Domains List
These are a list of host names of provider of free email accounts that are often used for fraud scams. The list includes names like yahoo.com, hotmail.com, gmail.com. This is not a block list. It is used to determine if the account used comes from a freemail provider.
Usage:
dig yahoo.com.freemaildomains.junkemailfilter.com
For example. Spammers sometimes send email from a hotmail.com account and have the reply-to set to a gmail.com account. That way when the sender gets shut down for spamming the reply-to still works.
Here's an example of an Exim rule to block this.
