How to block sites with bad DNS

From Qmailwiki

Using tcpserver, rblsmtpd and qmail-smtpd, you can block email coming from sites that do not have a reverse DNS entry. Many sites with no reverse DNS entry send spam. All of the major email sites block email from IPs with this DNS misconfiguration; in fact, most major sites go further.

It is easy to block sites with no reverse DNS. Add this to your tcp.smtp file:

=:allow
:allow,RBLSMTPD="-You have a reverse DNS problem contact us here http://www.example.com/contact/"

Be sure not to pass the -H option to tcpserver. The -H option (not the default) turns off the reverse DNS lookup.

How it works

The two magic lines in your tcp.smtp file tell tcpserver to set the RBLSMTPD environment variable if there is no reverse DNS entry. The RBLSMTPD variable causes rblsmtpd to return, as a failure, the message you specify. This failure message is delivered to the sender, who can then take action, such as looking at your contact page.

tcpserver also has a paranoid option:

-p: Paranoid. After looking up the remote host name in DNS, 
    look up the IP addresses in DNS for that host name, 
    and remove the environment variable $TCPREMOTEHOST 
    if none of the addresses match the client's IP address.

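This means that clients that do not pass the paranoid test also get the error message: with $TCPREMOTEHOST removed, the =:allow rule no longer matches and the default rule applies.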

Note on rblsmtpd: rblsmtpd returns the error message as part of the normal SMTP protocol exchange. The error message is delivered after the RCPT TO: command. Returning the error message at this point in the protocol is usually easier for the sender to understand.
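
As an added example (not part of the original wiki page or of ucspi-tcp), this Python sketch models the decision described above, with and without -p, so you can check how a given client IP would fare before deploying the rules. The function names, the constructed sample DNS data and the IPv4-only system resolver helpers are assumptions; the 451/553 choice follows rblsmtpd's documented handling of a leading hyphen in $RBLSMTPD.

```python
import socket

# Message from the tcp.smtp rule above; rblsmtpd interprets the leading "-".
RBLSMTPD = "-You have a reverse DNS problem contact us here http://www.example.com/contact/"

def system_ptr(ip):
    """Reverse lookup via the system resolver; None when there is no PTR."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_addrs(name):
    """Forward lookup (IPv4) via the system resolver; empty list on failure."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def remote_host(ip, paranoid=False, ptr=system_ptr, addrs=system_addrs):
    """Model of how tcpserver arrives at $TCPREMOTEHOST (None = unset)."""
    name = ptr(ip)
    if name and paranoid and ip not in addrs(name):
        return None  # -p: the name does not map back to the client IP
    return name

def verdict(ip, **kw):
    """Apply the two tcp.smtp rules; return 'accept' or code plus message."""
    if remote_host(ip, **kw):
        return "accept"                 # "=:allow" matched, RBLSMTPD not set
    # Default ":allow,RBLSMTPD=..." rule applies, so rblsmtpd blocks the mail.
    if RBLSMTPD.startswith("-"):
        return "553 " + RBLSMTPD[1:]    # hyphen: permanent error
    return "451 " + RBLSMTPD            # no hyphen: temporary error

# Constructed sample DNS data using documentation address ranges.
PTR = {"192.0.2.10": "mail.example.org", "198.51.100.7": "forged.example.net"}
A = {"mail.example.org": ["192.0.2.10"], "forged.example.net": ["203.0.113.5"]}

if __name__ == "__main__":
    look = dict(ptr=PTR.get, addrs=lambda n: A.get(n, []))
    for ip in ("192.0.2.10", "198.51.100.7", "203.0.113.99"):
        for p in (False, True):
            print(ip, "-p" if p else "no -p", verdict(ip, paranoid=p, **look))
```

Call verdict(ip) or verdict(ip, paranoid=True) without the ptr and addrs arguments to query the system resolver for real addresses taken from your SMTP logs.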
