[Dnsmasq-discuss] configurable stop-dns-rebind?
clemens fischer
ino-news at spotteswoode.dnsalias.org
Mon May 17 23:00:30 BST 2010
Simon Kelley wrote:
> clemens fischer wrote:
>
>> I see src/rfc1035.c::private_net() now has an additional argument
>> "ban_localhost" used to differentiate its use in bogus-priv and
>> stop-rebind. How about making "ban_localhost" a real option so that
>> users can decide for themselves what they need? A host running
>> spamassassin should propably not run services with access to private
>> info. Users could either specify all the DNSBL's and run with
>> "ban_localhost" for maximum security or run things like spamassassin
>> with "ban_localhost" off.
>>
>> ...
>>
>> I just noticed: the replies to TXT queries aren't logged. These
>> records are routinely queried by DNSBL's to provide the user readable
>> blocking reason. It would help to see them logged in case the SMTP
>> server has problems.
>
> Both sensible suggestions: implemented in test29, from the usual
> place.
thanks. works. as always 8-)
clemens
More information about the Dnsmasq-discuss
mailing list