[Pdns-users] MX records by requestor
Aki Tuomi
cmouse at youzen.ext.b2.fi
Mon Sep 8 11:09:22 UTC 2014
On Fri, Sep 05, 2014 at 04:27:35PM -0700, Daniel Miller wrote:
> On 9/5/2014 4:07 PM, Daniel Miller wrote:
> >This is probably a bad idea. But I'll ask anyway...
> >
> >We host our own mail server. This has extensive spam protection
> >which works reasonably well. In addition to our other tests I
> >also make use of "Project Tarbaby" - which provides a set of
> >backup MX servers as honeypots. Properly configured servers
> >shouldn't hit these. I said "properly configured" and
> >"shouldn't".
> >
> >We also use a fax-to-email service. Recently, they started using
> >our backup MX servers - I still don't know why. However, since I
> >don't administer their systems I can't fix that end. But as for
> >ours...my choices are either to drop the honeypot backup MX
> >servers (which I know many admins will recommend) or find another
> >way. I was thinking that I could setup a script that would only
> >give the primary MX to designated requestors. But I'd like to do
> >that based on domain-name lookups instead of hard-coding their
> >IP's. Is this possible?
> >
> >
>
> I'm currently going to try:
>
> if qtype == pdns.MX then
> if requestorip == "my.fax.gateway.ip" then
> return 0, { { qtype=pdns.MX, content="primary.mail.server.fqdn" } }
> end
> else
> return -1, {}
> end
>
> if this works, and it seems reasonable, is there a way to do it by
> matching requestorip to a dns lookup instead of the hardcoded IP?
>
> --
> Daniel
You can always ask lua to do a dns lookup before replying, although there
is a risk you'll delay the response too much. Another alternative is to make
a cache db with sqlite or dbm or smth that you can use for lookup.
Aki
More information about the Pdns-users
mailing list