IP drop list
Nick Edwards
nick.z.edwards at gmail.com
Tue Mar 3 12:35:16 UTC 2015
daemontools
On 3/2/15, Steffen Kaiser <skdovecot at smail.inf.fh-brs.de> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Mon, 2 Mar 2015, Reindl Harald wrote:
>> Am 02.03.2015 um 10:06 schrieb Steffen Kaiser:
>>> If such plugin(?) is available, I would expect immediate complains, it
>>> does not support:
>>>
>>> + local file lists with various sets of syntaxes
>>> + RBLs with a fine grained response matching
>>> + use the same RBL response for multiple match-action pairs
>>
>> or it could work just with no config, unconditional and
>
> therefore I wrote, that I expect complains, if this feature would work
> like that
>
>> in front of any
>> authentication,
>
> what is that same as to place it as first passdb, with the overhead of
> parsing the config file and adding it into the passdb{} chain.
>
>> frankly even without any response - connection -> RBL
>> check
>> -> close connection, done
>
> some external RBLs return certain information in the response, e.g.
> 127.0.0.2 is less problematic than 127.0.0.1, so "I expect complains" this
> or that RBL is not working correctly ;-)
>
>> hence RBL's make sense in the core because *in front* of any other
>> protocol
>> specific code
>
> That's TCP wrapper or a firewall, IMHO. (for a file list, not RBL).
> However, there used to be a RBL patch for TCP wrapper and some
> distribution provide other implementations of a TCP wrapper with RBL, if
> this post correct:
> http://grokbase.com/t/centos/centos/143mg1wxsj/does-anyone-use-tcp-wrappers-hosts-allow-hosts-deny-anymore
>
> - --
> Steffen Kaiser
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQEVAwUBVPQufHz1H7kL/d9rAQKC3wf/ZuStrHInsV3OkgDC5EDBeSyvMOxlskiy
> xCNUeAxaqPt4DvgCHnXmXX3V2yi+hXvsFyWhIBcsJcgUvbi0sJWwy7Undw2Fs6Cf
> iaOD3+u1VV+7IwiiZIMNMpUcDisj9Ic3DBoDTx9SeyBS09i7lKAVORZw486LooWX
> uTCMZOEmzH43DEfHxmIMPMcyQBF4b7kzc3A/sabpc70bhrJAV8E2ZNpPzIyAiC3A
> PwjUR+YfdYoorqz79ymmzcngsUUSAXfiUAhJpRyVOL2UiMurjROdsU5vSpXJm71j
> lgELgKpo6DkIjX+qAPVtdPu/J6cRLUcfvysNezU2vV9KpgJk97cwmw==
> =2nvt
> -----END PGP SIGNATURE-----
>
More information about the dovecot
mailing list