httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jem Berkes" <>
Subject New mod_dnsbl_lookup release
Date Tue, 16 Aug 2005 04:04:45 GMT
I don't have svn access yet, but I have posted the module here:

This is much improved from my earlier 0.90, taking advice from Colm. With 
this new style of configuration the module can be used more flexibly for 
blacklists, whitelists, or other things. Configuration now looks like:

DnsblZone spammers	any
DnsblZone spammers
DnsblZone spammers
DnsblZone whitelist	customers.dnsbl	any
RhsblZone spammers

The README in the above tarball is very thorough and describes how to use 
the module's functions. I'm interested in adding the functionality into 
mod_smtpd of course. Rian and Nick: how should we proceed on that?

Here in brief is a relevant part of my README

4. Using from mod_smtpd

The function calls work in isolation, without requiring any prior setup 
before using DNSBLs. The server configuration takes care of all 
DNSBL and RHSBL setup, including domains to query and responses to 
interpret as positive.

The important knowledge link between mod_dnsbl_lookup and its user, say 
mod_smtpd, is the chain name that defines the desired DNSBLs. Instead of 
hard coding a chain name, it makes much more sense to have a module such 
as mod_smtpd load during its configuration some chains to work with.

So mod_smtpd might have configuration directives such as:
SmtpBlacklistChain blackchain
SmtpWhitelistChain whitechain

Now mod_smtpd knows which chain to query for blacklisting purposes, and 
which chain to query for whitelisting purposes. The admin may leave either 
chain undefined of course and can easily modify the configuration by 
substituting different chain names (as used by DnsblZone and RhsblZone). 
The pseudo code within mod_smtpd might then be:

Attempt to load optional dnsbl_lookup functions
If functions are available
	If dnsbl_lookup_ip("whitechain", client) == DNSBL_POSITIVE
		return ALLOW_SERVICE	// even if blacklisted
	Else If dnsbl_lookup_ip("blackchain", client) == DNSBL_POSITIVE
return ALLOW_SERVICE	// default action

- Jem

View raw message