Sun Java System Messaging Server 6 2005Q4 Administration Guide

Support for DNS-based Databases

The dns_verify program supports DNS-based databases that are used to identify incoming SMTP connections that might send unsolicited bulk mail. Some of the publicly available DNS databases do not contain the TXT records that are typically used for this purpose. Instead, they contain only A records.

In a typical setup, the TXT record found in the DNS for a particular IP address contains an error message suitable to return to the SMTP client when refusing a message. However, if no TXT record is found but an A record is found, versions of dns_verify prior to Messaging Server 5.2 returned the message “No error text available.”

dns_verify now supports an option that specifies a default text that is used in the event that no TXT record is available. For example, the following PORT_ACCESS mapping table shows how to enable this option:

PORT_ACCESS 

   *|*|*|*|* $C$|INTERNAL_IP;$3|$Y$E
   TCP|*|25|*|*   \
$C$[msg_svr_base/lib/dns_verify.so,\
dns_verify_domain_port,$1,dnsblock.siroe.com,Your$ host$ ($1)$ \
found$ on$ dnsblock$ list]$E
    * $YEXTERNAL

In this example, if the remote system is found in a query in the domain dnsblock.siroe.com, but no TXT record is available, then the following message is returned: “Your host a.b.c.d found on dnsblock list.”
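The fallback described above can be modelled offline. The following is an added example, not Messaging Server code: it builds the conventional reversed-octet query name for the zone, prefers the list's TXT record, and otherwise expands the default text from the mapping entry. The resolver, the sample records, the function names and the A-then-TXT lookup order are assumptions made for illustration, and only IPv4 is handled.

```python
import ipaddress

ZONE = "dnsblock.siroe.com"                               # zone from the page
TEMPLATE = "Your$ host$ ($1)$ found$ on$ dnsblock$ list"  # default text from the page

# Constructed answers standing in for live DNS (documentation addresses only).
SAMPLE_DNS = {
    ("2.2.0.192.dnsblock.siroe.com", "A"): ["127.0.0.2"],
    ("3.2.0.192.dnsblock.siroe.com", "A"): ["127.0.0.2"],
    ("3.2.0.192.dnsblock.siroe.com", "TXT"): ["Listed: constructed sample reason"],
}

def sample_resolver(name, rtype):
    """Hypothetical resolver: list of record values, empty when none exist."""
    return SAMPLE_DNS.get((name, rtype), [])

def query_name(client_ip, zone=ZONE):
    """Reverse the IPv4 octets and append the list's zone."""
    addr = ipaddress.IPv4Address(client_ip)   # ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def expand_default(template, client_ip):
    """Expand the mapping text: $1 is the client address, '$ ' a quoted space."""
    return template.replace("$1", client_ip).replace("$ ", " ")

def rejection_text(client_ip, resolve=sample_resolver, template=TEMPLATE):
    """Return None if the client is not listed, else the text to send back."""
    name = query_name(client_ip)
    if not resolve(name, "A"):
        return None                               # no A record: not on the list
    txt = resolve(name, "TXT")
    if txt:
        return " ".join(txt)                      # list supplied its own message
    return expand_default(template, client_ip)    # A-only list: use the default

if __name__ == "__main__":
    for ip in ("192.0.2.2", "192.0.2.3", "192.0.2.4"):
        print(ip, "->", rejection_text(ip))
```

The first address has only an A record and gets the default text, the second gets the list's own TXT message, and the third is not listed.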