[Dnsmasq-discuss] configurable stop-dns-rebind?

clemens fischer ino-news at spotteswoode.dnsalias.org
Mon May 17 23:00:30 BST 2010


Simon Kelley wrote:

> clemens fischer wrote:
>
>> I see src/rfc1035.c::private_net() now has an additional argument
>> "ban_localhost" used to differentiate its use in bogus-priv and
>> stop-rebind.  How about making "ban_localhost" a real option so that
>> users can decide for themselves what they need?  A host running
>> spamassassin should propably not run services with access to private
>> info.  Users could either specify all the DNSBL's and run with
>> "ban_localhost" for maximum security or run things like spamassassin
>> with "ban_localhost" off.
>> 
>> ...
>> 
>> I just noticed: the replies to TXT queries aren't logged.  These
>> records are routinely queried by DNSBL's to provide the user readable
>> blocking reason.  It would help to see them logged in case the SMTP
>> server has problems.
> 
> Both sensible suggestions: implemented in test29, from the usual
> place.

thanks.  works.  as always  8-)


clemens




More information about the Dnsmasq-discuss mailing list