[Dnsmasq-discuss] configurable stop-dns-rebind?
    clemens fischer 
    ino-news at spotteswoode.dnsalias.org
       
    Mon May 17 23:00:30 BST 2010
    
    
  
Simon Kelley wrote:
> clemens fischer wrote:
>
>> I see src/rfc1035.c::private_net() now has an additional argument
>> "ban_localhost" used to differentiate its use in bogus-priv and
>> stop-rebind.  How about making "ban_localhost" a real option so that
>> users can decide for themselves what they need?  A host running
>> spamassassin should propably not run services with access to private
>> info.  Users could either specify all the DNSBL's and run with
>> "ban_localhost" for maximum security or run things like spamassassin
>> with "ban_localhost" off.
>> 
>> ...
>> 
>> I just noticed: the replies to TXT queries aren't logged.  These
>> records are routinely queried by DNSBL's to provide the user readable
>> blocking reason.  It would help to see them logged in case the SMTP
>> server has problems.
> 
> Both sensible suggestions: implemented in test29, from the usual
> place.
thanks.  works.  as always  8-)
clemens
    
    
More information about the Dnsmasq-discuss
mailing list