[Pdns-users] MX records by requestor
Daniel Miller
dmiller at amfes.com
Fri Sep 5 23:27:35 UTC 2014
On 9/5/2014 4:07 PM, Daniel Miller wrote:
> This is probably a bad idea. But I'll ask anyway...
>
> We host our own mail server. This has extensive spam protection which
> works reasonably well. In addition to our other tests I also make use
> of "Project Tarbaby" - which provides a set of backup MX servers as
> honeypots. Properly configured servers shouldn't hit these. I said
> "properly configured" and "shouldn't".
>
> We also use a fax-to-email service. Recently, they started using our
> backup MX servers - I still don't know why. However, since I don't
> administer their systems I can't fix that end. But as for ours...my
> choices are either to drop the honeypot backup MX servers (which I
> know many admins will recommend) or find another way. I was thinking
> that I could setup a script that would only give the primary MX to
> designated requestors. But I'd like to do that based on domain-name
> lookups instead of hard-coding their IP's. Is this possible?
>
>
I'm currently going to try:
if qtype == pdns.MX then
if requestorip == "my.fax.gateway.ip" then
return 0, { { qtype=pdns.MX, content="primary.mail.server.fqdn" } }
end
else
return -1, {}
end
if this works, and it seems reasonable, is there a way to do it by
matching requestorip to a dns lookup instead of the hardcoded IP?
--
Daniel
More information about the Pdns-users
mailing list