Mercurial > dnsbl
diff xml/dnsbl.in @ 13:2752e512fd32 stable-2-1
finish documentation
| author | carl |
|---|---|
| date | Sun, 25 Apr 2004 11:36:08 -0700 |
| parents | 6ac6d6b822ce |
| children | 443aa0e8c6fa |
line wrap: on
line diff
--- a/xml/dnsbl.in Fri Apr 23 22:45:10 2004 -0700 +++ b/xml/dnsbl.in Sun Apr 25 11:36:08 2004 -0700 @@ -41,8 +41,8 @@ <p>You may want to blacklist some specific senders or sending domains. This could be done thru either the DCC (on a global basis, or for a specific single recipient). We prefer to do such blacklisting via the -DNSBL milter config, since it can be done for an entire recipient mail -domain. The DCC approach has the feature that you can capture the +DNSBL milter config, since it can be done for a collection of recipient +mail domains. The DCC approach has the feature that you can capture the entire message in the DCC log files. The DNSBL milter approach has the feature that the mail is rejected earlier (at RCPT TO time), and the sending machine just gets a generic "550 5.7.1 no such user" message. @@ -51,7 +51,9 @@ include_dcc line) in the DNSBL milter config. This will import the (env_to, env_from, and substitute mail_host) entries from the DCC config into the DNSBL config. This allows using the DCC config as the single -point for white/blacklisting. +point for white/blacklisting. When used in this manner, the whitelist +env_to entries from the DCC config become global whitelist entries in +the DNSBL config. <p>Consider the case where you have multiple clients, each with their own mail servers, and each running their own DCC milters. Each client @@ -126,20 +128,22 @@ </pre> <p>to allow those clients to smarthost thru your mail server. Now if -one of those clients happens get infected with a virus that turns into -an open proxy, and their 192.168.4.45 lands on the SBL-XBL, you will -still wind up allowing that infected machine to smarthost thru your mail -servers. +one of those clients happens get infected with a virus that turns a +machine into an open proxy, and their 192.168.4.45 lands on the SBL-XBL, +you will still wind up allowing that infected machine to smarthost thru +your mail servers. <p>With this DNSBL milter, the sendmail access database cannot override the dnsbl checks, so that machine won't be able to send mail to or thru -your smarthost machine. +your smarthost mail server. -<hr> -<center>Installation and configuration</center> -<p>Usage: Note that this has ONLY been tested on Linux, specifically -RedHat Linux. Your mileage will vary. In particular, this milter makes no -attempt to understand IPv6. +<hr> <center>Installation and configuration</center> <p>Usage: Note +that this has ONLY been tested on Linux, specifically RedHat Linux. In +particular, this milter makes no attempt to understand IPv6. Your +mileage will vary. You will need at a minimum a C++ compiler with a +minimally thread safe STL implementation. The distribution includes a +test.cpp program. If it fails this milter won't work. If it passes, +this milter might work. Fetch <a href="http://www.five-ten-sg.com/util/dnsbl.tar.gz">dnsbl.tar.gz</a> and @@ -161,7 +165,7 @@ Read the sample <a href="http://www.five-ten-sg.com/dnsbl.conf">var/dnsbl/dnsbl.conf</a> file and modify it to fit your configuration. You can test your -configuration files, and see a readable internal dump of them on stderr +configuration files, and see a readable internal dump of them on stdout with <pre>