Morning all,
Is there any way to perform a RDNS check in MercuryS.
What I want to do is check the HELO/EHLO text against RDNS and if they don't match, reject the connection since most email servers provide a FQDN as the HELO/EHLO command.
i.e This IP has no RDNS info:-
Connection from 202.134.4.162
T 20190331 103329 5c59bad3 EHLO dua.iix.mx
T 20190331 103329 5c59bad3 STARTTLS
T 20190331 103330 5c59bad3 EHLO dua.iix.mx
T 20190331 103331 5c59bad3 MAIL FROM:<bkk@ambon.go.id> SIZE=247690
Checking RIPEstat the IP resolves to an address in jakata with no RDNS
https://stat.ripe.net/202.134.4.162#tabId=at-a-glance
I've looked at the SmtpEvt module, but didn't find anything that might help. It might be a good addition though.
GreyWall works well to remove a lot of instances, but a few still get through.
Thanks in advance
John.
<p>Morning all,</p><p>Is there any way to perform a RDNS check in MercuryS.</p><p>What I want to do is check the HELO/EHLO text against RDNS and if they don't match, reject the connection since most email servers provide a FQDN as the HELO/EHLO command.</p><p>i.e This IP has no RDNS info:-
</p><p>Connection from 202.134.4.162
T 20190331 103329 5c59bad3 EHLO dua.iix.mx
T 20190331 103329 5c59bad3 STARTTLS
T 20190331 103330 5c59bad3 EHLO dua.iix.mx
T 20190331 103331 5c59bad3 MAIL FROM:&lt;bkk@ambon.go.id&gt; SIZE=247690</p><p>Checking RIPEstat the IP resolves to an address in jakata with no RDNS</p><p><a mce_href="https://stat.ripe.net/202.134.4.162#tabId=at-a-glance" target="_blank" title="https://stat.ripe.net/202.134.4.162#tabId=at-a-glance" href="https://stat.ripe.net/202.134.4.162#tabId=at-a-glance">https://stat.ripe.net/202.134.4.162#tabId=at-a-glance</a></p><p>I've looked at the SmtpEvt module, but didn't find anything that might help. It might be a good addition though.</p><p>GreyWall works well to remove a lot of instances, but a few still get through.</p><p>Thanks in advance</p><p>John.
</p><p>&nbsp;
</p>
