[Pdns-users] MX records by requestor

Aki Tuomi cmouse at youzen.ext.b2.fi
Mon Sep 8 11:09:22 UTC 2014

On Fri, Sep 05, 2014 at 04:27:35PM -0700, Daniel Miller wrote:
> On 9/5/2014 4:07 PM, Daniel Miller wrote:
> >This is probably a bad idea.  But I'll ask anyway...
> >
> >We host our own mail server.  This has extensive spam protection
> >which works reasonably well.  In addition to our other tests I
> >also make use of "Project Tarbaby" - which provides a set of
> >backup MX servers as honeypots.  Properly configured servers
> >shouldn't hit these.  I said "properly configured" and
> >"shouldn't".
> >
> >We also use a fax-to-email service.  Recently, they started using
> >our backup MX servers - I still don't know why.  However, since I
> >don't administer their systems I can't fix that end.  But as for
> >ours...my choices are either to drop the honeypot backup MX
> >servers (which I know many admins will recommend) or find another
> >way.  I was thinking that I could setup a script that would only
> >give the primary MX to designated requestors.  But I'd like to do
> >that based on domain-name lookups instead of hard-coding their
> >IP's.  Is this possible?
> >
> >
> I'm currently going to try:
> if qtype == pdns.MX then
>   if requestorip == "my.fax.gateway.ip" then
>     return 0, { { qtype=pdns.MX, content="primary.mail.server.fqdn" } }
>   end
> else
>   return -1, {}
> end
> if this works, and it seems reasonable, is there a way to do it by
> matching requestorip to a dns lookup instead of the hardcoded IP?
> --
> Daniel

You can always ask lua to do a dns lookup before replying, although there
is a risk you'll delay the response too much. Another alternative is to make
a cache db with sqlite or dbm or smth that you can use for lookup. 


More information about the Pdns-users mailing list