Page 1 of 2

Block IPs that Don't Resolve via Reverse DNS Lookup

Posted: Mon Oct 24, 2011 3:13 pm
by eatickets
I'm sure I'm not the only one who's tried to do this, but I've checked the forums and Google and couldn't find any instructions or documentation on this one: is there any way to tell Zimbra to block email from any IP address that doesn't resolve via a reverse DNS lookup?
I'm running ZCS Version 6.0.14_GA_2928.NETWORK on Ubuntu 8.04.

Block IPs that Don't Resolve via Reverse DNS Lookup

Posted: Wed Oct 26, 2011 2:19 pm
by gvillaran
I think there is a check button to do that in the MTA tab in Global Settings?

Block IPs that Don't Resolve via Reverse DNS Lookup

Posted: Wed Oct 26, 2011 2:26 pm
by eatickets
[quote user="gvillaran"]I think there is a check button to do that in the MTA tab in Global Settings?[/QUOTE]
I found a "DNS Settings" section. I'm assuming the setting you're thinking of is the check box for "Sender's domain (reject_unknown_sender_domain)"?

Block IPs that Don't Resolve via Reverse DNS Lookup

Posted: Wed Oct 26, 2011 2:29 pm
by gvillaran
yes, thats the option i was thinking about.
is that what you want?

Block IPs that Don't Resolve via Reverse DNS Lookup

Posted: Wed Oct 26, 2011 2:32 pm
by eatickets
That's probably what I want, but I'm not entirely familiar with how the "reject_unknown_sender_domain" command works, so I want to make sure this will fulfill my original request before I implement it.

Block IPs that Don't Resolve via Reverse DNS Lookup

Posted: Wed Oct 26, 2011 2:44 pm
by gvillaran
Well if i send an email from isme@mydomaindontexist.com it will be rejected if the domain "mydomaindontexist.com" doesnt exist.
simple.

Block IPs that Don't Resolve via Reverse DNS Lookup

Posted: Wed Oct 26, 2011 3:33 pm
by eatickets
But, is that the same thing as an IP address not resolving to a domain via reverse DNS lookup? It sounds like it is, but I want to make sure.

Block IPs that Don't Resolve via Reverse DNS Lookup

Posted: Wed Nov 09, 2011 2:25 pm
by eatickets
Also, can anyone give me the likelihood of legitimate email being blocked with this reverse DNS lookup feature enabled?

Block IPs that Don't Resolve via Reverse DNS Lookup

Posted: Sat Nov 12, 2011 8:01 am
by Yves Pires
bad mail server setup

Block IPs that Don't Resolve via Reverse DNS Lookup

Posted: Mon Nov 14, 2011 10:52 am
by eatickets
[quote user="Yves Pires"]bad mail server setup[/QUOTE]
What do you mean by this?