Yahoo Groups archive

Milter-greylist

Re: [milter-greylist] Submitter DNS name resolution and forgery detection

2013-08-08 by Jim Klimov

On 2013-08-05 15:19, Johann Klasek wrote:
> Sendmail provides macro client_resolve, I use it like that:
>
> sm_macro "maybe_forged" "{client_resolve}" "FORGED"
> racl greylist sm_macro "maybe_forged" delay 1h autowhite 3d

Unfortunately, the CommSuite Messaging Server with which I am
integrating now does not define this macro. But thanks for the
suggestion, it might be useful on our other Sendmail relays.

> The real problem has its root in how Solaris (back into ancient days)
> handles IP to hostname mapping: Even if a valid mapping from IP to hostname
> exists, if the hostname does not exist or does not map back to the
> originating IP the name is not taken! Gave me headaches in all the
> IP translation stuff for years ...
> Solaris calls this kind of double-reverse check "security" (others call
> it paranoid, e.g. TCP wrappers package). ;)

I am not sure I ever saw such behavior, but I've only dealt
with it since late Solaris 7 - mostly 8-10 and open descendants.

While this may have been a problem for dynamic protocols like
DHCP or TFTP/BOOTP with sanity checks for the picked network
config of the host itself (net-booting is tricky with non-default
subnets, etc), I don't think similar checks were a system default
for testing names of remote hosts, nor for static config of the
local host...

> I didn't find a way to circumvent this behavior (in Solaris,
> except with something like a dynamic library hook or similar).

Thanks,
//Jim
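
Added example (not part of the original message, and not sendmail or milter-greylist code): a sketch of the double-reverse check discussed in this thread, returning the verdict strings sendmail documents for {client_resolve} (OK, FAIL, FORGED, TEMP). The function names, the choice to report a failed forward lookup as FORGED, and the constructed sample records are assumptions of this example.

```python
import ipaddress
import socket

class NotFound(Exception): pass   # permanent failure: record does not exist
class TempFail(Exception): pass   # temporary failure: timeout, server error

def system_ptr(ip):
    try:
        return socket.gethostbyaddr(ip)[0]
    except socket.herror as exc:  # h_errno 2 is TRY_AGAIN
        raise (TempFail if exc.args[0] == 2 else NotFound)(ip) from exc

def system_addrs(name):
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None)}
    except socket.gaierror as exc:
        raise (TempFail if exc.args[0] == socket.EAI_AGAIN else NotFound)(name) from exc

def client_resolve(ip, ptr=system_ptr, addrs=system_addrs):
    """Double-reverse check: returns (verdict, name), verdict in OK/FAIL/FORGED/TEMP."""
    client = ipaddress.ip_address(ip)
    try:
        name = ptr(ip)
    except TempFail:
        return "TEMP", None
    except NotFound:
        return "FAIL", None        # no PTR record at all
    try:
        forward = {ipaddress.ip_address(a) for a in addrs(name)}
    except TempFail:
        return "TEMP", name
    except NotFound:
        return "FORGED", name      # PTR names a host that does not exist
    return ("OK" if client in forward else "FORGED"), name

# Constructed sample records (documentation address ranges), not real hosts.
PTR = {"192.0.2.10": "mx.example.org", "192.0.2.66": "mail.example.com",
       "192.0.2.77": "ghost.example.net"}
FWD = {"mx.example.org": {"192.0.2.10"}, "mail.example.com": {"198.51.100.5"}}

def stub_ptr(ip):
    if ip not in PTR:
        raise (TempFail if ip == "192.0.2.99" else NotFound)(ip)
    return PTR[ip]

def stub_addrs(name):
    if name not in FWD:
        raise NotFound(name)
    return FWD[name]
```

Calling client_resolve(ip) with no resolver arguments uses the system resolver; the stubs let the four outcomes be reproduced offline.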
